NITDA Warns of ‘CovertCatch’ Job Scam Malware on LinkedIn

The National Information Technology Development Agency (NITDA) has issued a public warning about a new job scam malware, “CovertCatch,” spread by cyber threat actors on LinkedIn.

Mrs. Hadiza Umar, NITDA’s Director of Media and Corporate Communications, released the advisory on Tuesday in Abuja, noting that the scam targets sectors such as defence, media, technology, and academia via fraudulent job offers. She explained that these cybercriminals pose as recruiters or job providers to trick users into downloading malicious files or clicking on harmful links.

Advisory on LinkedIn Job Scams#BwCyberSmart pic.twitter.com/rLo5LXVZE8

— NITDA Nigeria (@NITDANigeria) October 28, 2024

“CovertCatch can steal data, record keystrokes, and capture screen activity undetected,” she stated.

“It’s spread on LinkedIn poses serious risks to organisations and individuals alike. Once installed on a device or network, it can compromise confidential information, resulting in financial losses, reputational harm, and data breaches.”

Also Read: NITDA Urges LiteSpeed Cache Users to Update for Website Security

She also warned of increased risk for further attacks, such as ransomware and system-wide compromise, which could threaten critical industries and essential services.

Mrs. Umar advised caution towards unsolicited job offers or recruitment messages on LinkedIn, especially those prompting file downloads or linking to external sources. She urged organisations to regularly monitor for unusual login activities, implement Multi-Factor Authentication (MFA) on all accounts, and keep antivirus software up-to-date to detect anomalies swiftly.

“Organisations should also periodically audit LinkedIn connections and restrict access to sensitive information based on roles and necessity,” she added.