Void Dokkaebi Job Interview Malware Lure — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated May 13, 2026

Severity: HIGH | View Full Scam Details

Beware the Void Dokkaebi Job Interview Malware Lure in 2026: Don’t Let Fake Job Offers Hurt You in India

Job seekers in India, especially those using LinkedIn and job portals, face a growing cyber threat where fake interview invites come with malware traps. This Void Dokkaebi scam is putting careers and personal data at risk — here’s what you must know to stay safe.

What Is the Void Dokkaebi Job Interview Malware Lure?

The Void Dokkaebi scam is a rising cybercrime tactic where fraudsters target job seekers in India through fake online recruitment efforts. These scammers create convincing profiles that mimic well-known companies and approach candidates with job opportunities. Once trust is gained, they send links disguised as interview documents or software, but which actually install malware on victims’ devices.

This scam specifically targets Indians actively seeking employment on platforms like LinkedIn, Naukri, and Indeed. Given the massive growth of online hiring in India, scammers exploit this trend to trick tens of thousands yearly. The cyber threat has caught the eye of Indian cybersecurity agencies like CERT-In and the Indian Cyber Crime Coordination Centre (I4C), which have issued alerts about malware spread via fake job offers.

The scam’s reach is significant in metro cities with high job seeker populations such as Bengaluru, Hyderabad, Mumbai, and Delhi. Candidates in IT and software development roles are frequent targets due to the technical nature of the bait — malware disguised as code repositories or interview test apps.

How This Scam Works — Step by Step

Fraudsters use a precise and deceptive sequence to ensnare victims:

1. Fake Profile Creation: Scammers create professional-looking recruiter profiles on LinkedIn or job portals. They often use company logos and real recruiter names scraped from social media.

2. Personalized Contact: The job seeker receives a direct message or email that appears genuine, inviting them to a “preliminary online interview” for roles like software developer, analyst, or data scientist.

3. Initial Trust-Building: The message includes formal language and references to the company’s website, often linking to real or cloned company pages.

4. Malware Link Sent: The interviewer sends a link to a “required interview coding test” or “application form” hosted on code repository platforms like GitHub or a cloud storage site. The candidate is urged to download a file or run an application.

5. Malware Download: When the victim clicks, malware silently installs on the device. This malware can steal personal data, including UPI apps, Aadhaar details, saved passwords, or enable unauthorized remote control.

6. Data Theft & Financial Loss: Using stolen data, scammers can impersonate victims to carry out unauthorized UPI transactions or SIM swaps, draining bank accounts.

7. Cover-Up: Scammers may disappear quickly, leaving India’s victims confused and vulnerable.

Real Warning Signs to Watch For

• Unsolicited interview invites from unknown or suspicious recruiter profiles.
• Misspellings and odd language in messages that claim to be official offers.
• Requests to download files or software before any formal interview schedule.
• Links directing to unfamiliar code repositories or suspicious cloud storage URLs.
• Pressure tactics urging quick action or exclusive job offers without interviews.
• Recruiter accounts with low connection counts or recent creation dates.
• Lack of official company email domain usage (e.g., Gmail instead of company emails).

What Happens to Victims

Once infected, victims face both financial and emotional turmoil. Malware can steal sensitive details like Aadhaar numbers and lock victims out of UPI-enabled apps such as BHIM or Google Pay. Scammers frequently use SIM swap fraud to bypass two-factor authentication, enabling UPI fund transfers out of victims' bank accounts.

Victims may find it difficult to reverse these transactions, as RBI guidelines offer limited relief after transactions are confirmed. The emotional cost — loss of savings, identity theft, and job opportunity stress — adds to the hardship. In many cases, victims report issues with closing affected bank accounts promptly, dealing with blocked WhatsApp accounts, and filing timely police complaints.

What RBI and CERT-In Say

India’s cybersecurity authorities have repeatedly warned against job-related cyber scams. CERT-In (Indian Computer Emergency Response Team) emphasizes never downloading unknown files during online recruitment. The RBI advises users to avoid sharing OTPs or UPI PINs and warns about SIM swapping tied to financial fraud.

For cybercrime complaints, CERT-In and the I4C recommend contacting the National Cyber Crime Reporting Portal or calling toll-free helpline 1930. RBI’s customer helpline (often accessible via bank websites) can also offer guidance on unauthorized banking transactions. Together, these agencies promote awareness and quick reporting to mitigate losses.

How to Protect Yourself

1. Always verify the recruiter’s profile through official company websites and LinkedIn company pages.
2. Never click on unknown or suspicious links, especially those asking for downloads.
3. Avoid sharing OTPs, passwords, or UPI PINs with anyone, regardless of how convincing they seem.
4. Use antivirus software and regularly update your phone and PC security patches.
5. Set up mobile number verification with your bank and use biometric authentication where possible.
6. Do not install any applications or tools related to job interviews without verifying their authenticity.
7. Report suspicious messages or profiles to LinkedIn, job portals, and local cybercrime units immediately.

What to Do If You’ve Been Targeted

• Disconnect your device from the internet immediately to stop malware communication.
• Contact your bank and block your UPI and debit cards. Request transaction freezes.
• File a complaint on the National Cyber Crime Reporting Portal or call the helpline 1930.
• Inform your mobile network provider to safeguard against SIM swap fraud.
• Change all sensitive passwords, especially for financial accounts and email.
• Keep records of all suspicious messages, transaction details, and malware files to assist investigations.
• Report the incident to CERT-In or I4C if advised.

Frequently Asked Questions

Q: Can malware from job interview links steal my Aadhaar details?
Yes, malware installed through these scams can access sensitive files and apps on your device, including Aadhaar-related data stored or accessed via your phone.

Q: How can I tell if a job interview invite is fake?
Look for recruiter profiles with few connections, unusual email addresses, high-pressure requests, or any ask to download software before formal interview rounds.

Q: What if I lose money via UPI after falling for this scam?
Report immediately to your bank and the cybercrime helpline 1930. RBI guidelines allow some recourse but early action improves chances of recovery.

Job scams like the Void Dokkaebi malware lure can destroy your finances and privacy quickly. Always verify before believing online job interview requests — and if unsure, check the message carefully at BharatSecure.app. Stay alert, stay safe!