A targeted lure dressed up as a job application shows how ordinary business workflows can be turned into an execution path for staged malware, persistence, and remote access.