Couple weeks ago a CTO contacted me about a role at their company. After three failed calls, I figured they are trying to access my machine.

Lobsters is a community-driven platform for sharing and discussing links to articles, tutorials, and projects related to technology and programming. Readers can learn about a wide range of topics, from software development and system administration to cybersecurity and artificial intelligence. With user submissions, comments, and voting, Lobsters provides a platform for collaborative learning and knowledge sharing among technology enthusiasts.

Lobsters

A developer shares a first-hand account of nearly falling victim to a sophisticated job scam. A fake CTO posing as a fintech recruiter on LinkedIn moved the conversation to Telegram, then used spoofed Microsoft Teams and Zoom meeting links hosted on lookalike domains (zoom.uz07web.us, teams.microsomeet.com) to trick the target into running malicious terminal commands via curl piped to zsh. The scam was caught when the author noticed the fake domain in the URL. The post connects the experience to a Google Cloud threat intelligence report on similar cryptocurrency-targeting attacks and outlines the red flags: requests to move to Telegram, fake 'SDK update' prompts, and terminal commands disguised as meeting fixes.

Try not to get scammed while looking for work