What to do if I shared my Aadhaar number in a job scam?

If you shared your Aadhaar number, immediately contact the Unique Identification Authority of India (UIDAI) and request an update or lock your Aadhaar to ensure further misuse is not possible. Also, consider reporting to cybercrime.gov.in or helpline 1930.

How can I identify a fake job interview?

Look for inconsistencies in communication, such as poor grammar or unofficial email domains. Legitimate companies do not ask for sensitive information before the final interview.

How to report a job scam in India?

You can report job scams at cybercrime.gov.in, or call the cybercrime helpline at 1930. Additionally, inform your bank if any financial details were compromised.

What are the recovery steps after falling victim to this scam?

Immediately inform your bank and freeze your accounts if necessary. Change your passwords and enable two-factor authentication on all accounts. Report the incident to the police and to the cybercrime helpline at 1930.

Void Dokkaebi Malware Distribution via Fake Job Interviews

Verdict: Suspicious | Risk Score: 9/10 | Severity: critical

Category: job_scam

How Void Dokkaebi Malware Distribution via Fake Job Interviews Works

The Void Dokkaebi threat group is using fake job interview lures to spread malware through compromised developer repositories. This method allows the malware to propagate through trusted development workflows, organizational codebases, and open-source projects, creating a significant supply chain risk.

How This Scam Works — Detailed Explanation

The Void Dokkaebi threat group has developed a sophisticated method of targeting job seekers in India, luring them with enticing fake job interviews. Scammers typically find their victims through online job portals such as Naukri.com and LinkedIn, where they create profiles that mimic legitimate companies. They capitalize on the desperation of job seekers, especially in a competitive market, presenting roles that seem too appealing to resist. Once they identify potential victims, they reach out via email or direct messaging, assuring candidates of an interview. This initial contact often appears official, complete with company logos and seemingly legitimate emails, which may even pass basic scrutiny.

Once a victim engages with the scammers, the psychological manipulation begins. Scammers frequently employ tactics such as creating urgency, insisting that positions are limited or that interviews must occur immediately. They may also fabricate scenarios where candidates are required to download specific software, purportedly for the purpose of conducting the interview. This software is actually a guise to distribute malware. Scammers leverage social engineering techniques, instilling fear that missing this opportunity could result in job loss or unfavorable career impacts, pushing victims to comply without much thought about the potential risks.

For victims who fall into this trap, the consequences can be severe. Once the malware is installed on their systems, it can give the scammers remote access to sensitive personal information, including UPI credentials, Aadhaar numbers, or even banking details if financial records are accessed. This means that scammers could potentially siphon money directly from victims' accounts via UPI. Additionally, if victims share information over WhatsApp or other platforms as part of the fake interview process, they may inadvertently share sensitive details with scammers, further compounding their vulnerability. Reports have indicated that individuals have lost substantial amounts of money, with aggregated reports indicating hundreds of crores lost due to scams facilitated by these types of malware.

The impact of such scams on the overall Indian economy and society is alarming. According to recent data, Indian citizens reportedly lost approximately ₹2,500 crore to various cybercrimes in 2022 alone, with job scams making up a significant portion of that figure. The Ministry of Home Affairs (MHA), along with the Reserve Bank of India (RBI) and the Computer Emergency Response Team of India (CERT-In), has issued multiple advisories regarding such scams. As the malware spreads, it creates further risks not just for individuals but for entire organizations, especially those reliant on open-source software and development repositories.

To protect themselves, job seekers need to be able to discern between legitimate and suspicious communications. Key warning signs include emails from unofficial addresses, last-minute schedule changes, requests for personal information early in the process, and any mention of needing to download software to proceed. Always verify through official channels, such as contacting the company directly via their official website or helpline, to confirm the authenticity of the job interview invitation and to ensure that it’s not a scam.

Visual Intelligence:

BharatSecure's AI has identified this as a used in scams targeting Indian users.

Who Does Void Dokkaebi Malware Distribution via Fake Job Interviews Target?

General public across India

Red Flags — How to Identify Void Dokkaebi Malware Distribution via Fake Job Interviews

malware
fake job interview
developer repositories
supply chain attack
Void Dokkaebi

What To Do If You Encounter Void Dokkaebi Malware Distribution via Fake Job Interviews

Report any suspicious job offers at cybercrime.gov.in or call 1930
Do not download any apps or software suggested during the interview
Verify the company's legitimacy by checking their official website
Reach out to the company directly using their known contact information
Monitor your bank transactions closely and immediately alert your bank if you see anything suspicious
Educate friends and family about these scams to protect them too

How to Report Void Dokkaebi Malware Distribution via Fake Job Interviews in India

Call 1930 — National Cyber Crime Helpline (24x7)
File a complaint at cybercrime.gov.in
Contact your bank immediately if money was lost
Call RBI helpline: 14440 for banking fraud

Frequently Asked Questions

What to do if I shared my Aadhaar number in a job scam?: If you shared your Aadhaar number, immediately contact the Unique Identification Authority of India (UIDAI) and request an update or lock your Aadhaar to ensure further misuse is not possible. Also, consider reporting to cybercrime.gov.in or helpline 1930.
How can I identify a fake job interview?: Look for inconsistencies in communication, such as poor grammar or unofficial email domains. Legitimate companies do not ask for sensitive information before the final interview.
How to report a job scam in India?: You can report job scams at cybercrime.gov.in, or call the cybercrime helpline at 1930. Additionally, inform your bank if any financial details were compromised.
What are the recovery steps after falling victim to this scam?: Immediately inform your bank and freeze your accounts if necessary. Change your passwords and enable two-factor authentication on all accounts. Report the incident to the police and to the cybercrime helpline at 1930.

Verify Any Suspicious Message

Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.