You’re well aware of the dangers of opening Unsolicited File Attachments. Whether you get them in an email, as a link in a public social media message, or randomly sent to you in a chat app, the rule is the same: never open a file you weren’t expecting to receive. Even if you were expecting it, you should exercise caution when opening files from people you’ve never met before.
(Of course, you should maintain your skepticism and run a virus scan even if a familiar contact sends you a file that appears to be legitimate but raises the hair on the back of your neck due to its timing, file name, file size, or other general weirdness.)
In terms of computer security, this is one of the first and most straightforward rules to remember. When you receive a file on LinkedIn, however, I can see how the process could easily fall apart. After all, isn’t this LinkedIn? The so-called “professional” social media platform! And that recruiter calling you about that fantastic (contract) job opportunity isn’t trying to con you. They’d like to hire you! To view the job description, simply click on this handy attachment, and…
No. That is not something you should do. If you receive a.DOCX or.PDF of a posting that could have been sent as a hyperlink to a website or simply copied and pasted into the message or a subsequent email, you should be cautious. Also, if the attachment is a.ZIP file that you received unexpectedly, do not open it. That method is being used by a recent malware campaign to cause problems:
“eSentire’s research team, the Threat Response Unit (TRU), discovered that hackers are spearphishing victims with a malicious zip Unsolicited File Attachments using the job position listed on the target’s LinkedIn profile. For example, if the LinkedIn member’s job is listed as Senior Account Executive—International Freight the malicious zip file would be titled Senior Account Executive—International Freight position (note the “position” added to the end). Upon opening the fake job offer, the victim unwittingly initiates the stealthy installation of the fileless backdoor, more_eggs. Once loaded, the sophisticated backdoor can download additional malicious plugins and provide hands-on access to the victim’s computer. The threat group behind more_eggs, Golden Chickens, sell the backdoor under a malware- as- a- service(MaaS) arrangement to other cybercriminals. Once more_eggs is on the victim’s computer system, the Golden Eggs seedy customers can go in and infect the system with any type of malware: ransomware, credential stealers, banking malware, or simply use the backdoor as a foothold into the victim’s network so as to exfiltrate data.”
If you absolutely must open a Unsolicited File Attachments you didn’t expect to receive from someone you don’t know, download it and run a thorough virus and malware scan on it before opening it. You can accomplish either with a variety of free tools. I’d even argue that it’s worth being extra cautious and opening the file in a sandbox—a virtual environment whose contents can’t harm your computer. When you close a sandbox, anything that occurred within it usually vanishes; when you open a new sandbox, your virtual environment is fresh and new again.
If you’ve already opened a now-suspicious-appearing attachment from LinkedIn—or anywhere else—make sure your antivirus and antimalware software is up to date, run full system scans, and send the file you downloaded to a service like VirusTotal for a little extra help confirming whether you’ve been hit. If you find out you’ve been infected, be prepared to clean and reinstall your computer.
In these situations, your best bet is to use your common sense. If someone refuses to simply copy and paste the contents of a document when asked, particularly if they approach you out of the blue, consider why they are so hesitant. If you question them about the need for a.ZIP file, it’s a sign that something about the alleged “offer” they’re presenting is strange.