Beware Malware
Home Malware Google ‘Received Your Resume’ Malware Email

Google ‘Received Your Resume’ Malware Email

by Brett M. Christensen


A “thank you” email purporting to be from Google informs the recipient that the company has received his or her resume. The message instructs the recipient to open an attached file to review the submitted job application. 

Brief Analysis

The email is not from Google and the attachment does not contain a job application. In fact, the attached file contains malware that can send further copies of itself to email addresses found on the infected computer, can download other malicious files from the Internet, and can potentially give hackers access to the infected computer. This malware is also distributed via fake social networking invitations, bogus e-cards and bogus shipping update messages.


Subject: Thank you from Google!

Thank you from Google!

We just received your resume and would like to thank you for your interest in working at Google. This email confirms that your application has been submitted for an open position.

Our staffing team will carefully assess your qualifications for the role(s) you selected and others that may be a fit. Should there be a suitable match, we will be sure to get in touch with you.

Click on the attached file to review your submitted application.

Have fun and thanks again for applying to Google!

Google Staffing

Screenshot of virus email:

Fake Google Resume Email


Detailed Analysis

This email, which purports to be from Internet giant Google, is supposedly a message thanking the recipient for submitting his or her resume to the company.

The message claims that Google’s “staffing team” will assess the resume and contact the recipient if a suitable job becomes available. It advises the recipient to open an attached file in order to review the submitted application.

However, the email is not from Google and the attachment does not contain a copy of a job application. In fact, opening the attachment will install malware on the user’s computer
Once installed, this malware can send itself to email addresses it has harvested from the infected computer. It can also download and install other malware from the Internet, modify the Windows registry so that malware runs when the computer is started, and communicate with a remote server thereby allowing hackers access to the infected computer.

The great majority of people who receive this bogus email will not have submitted a resume to Google at all. However, the criminals responsible know that many recipients will be curious enough to open the attachment anyway. Google’s high profile, along with its reputation for offering its employees a highly desirable and innovative working environment may well be enough to cause some recipients to open the attachment without much forethought.

Those responsible for the distribution of this malware also use a number of other ruses to trick recipients into opening email attachments. As well as fake Google “thank you” messages, the malware is also distributed via various other bogus emails, including the following:

Jessica would like to be your friend on hi5!

I set up a hi5 profile and I want to add you as a friend so we can share pictures and start building our network. First see your invitation card I attached! Once you join, you will have a chance to create a profile, share pictures, and find friends.


Thank you for shopping at

We have successfully received your payment.

Your order has been shipped to your billing address. You have ordered ” Dell Inspiron Mini 1011 ”

You can find your tracking number in attached to the e-mail document.

Print the postal label to get your package. We hope you enjoy your order!


Your friend invited you to twitter!

Twitter is a service for friends, family, and co-workers to communicate and stay connected through the exchange of quick, frequent answers to one simple question:What are you doing?

To join or to see who invited you, check the attachment.


Hello! You have recieved a Hallmark E-Card from your friend.

To see it, check the attachment.

Internet criminals constantly use and reuse these and other tactics in order to trick users into installing malware. Users should treat all email attachments with caution, even if they appear to come from friends. Users should also ensure that they have security software installed on their computers, including up-to-date anti-virus and anti-spyware scanners and firewalls.

Importance Notice

After considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.

These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.

Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.

And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.

When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.

I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.

A Big Thank You

I would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.

I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I can not thank him enough.

Closing Date

Hoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.

Thank you, one and all!

Brett Christensen,