Employment scams have been around for quite some time. Whether you fell for one or not, you have likely come across them before. Many credible employment and job listing websites still lack strong verification processes for new accounts allowing scammers to easily create fake profiles. The hot job market and ongoing pandemic stress make for a perfect recipe for bad actors to con jobseekers out of money.
According to the Federal Trade Commission, (FTC) Americans were scammed out of $68 million due to fake business and job opportunities in the first quarter of 2022. This begs the question; how can we avoid falling for employment scams? Let us consider some tips to keep us safe and improve our awareness towards scams like these.
Personal Recruitment
Scammers often take a direct approach by contacting their victims over the phone, phishing emails, or even through social media. They may pose as a recruiter or as part of a staffing or temp agency looking for candidates to fill open “employment opportunities.” Scammers may also pretend to be from a trusted company and link their “website” in the message. However, these links may lead victims to a phony website created by the scammers to add a sense of legitimacy.
If engaging in conversation, the scammer may claim that they do not conduct interviews either in-person or secure video call. But rather, interviews are conducted via teleconference applications that use email addresses instead of phone numbers. They may also claim that a fee must be paid to proceed with the interview process, background screenings, “starter kits,” or onboarding.
If a victim buys into a fake job recruitment, they may give up highly sensitive information such as their social security number. Doing so would allow a malicious actor to steal the victim’s identity.
Enticing Job Descriptions
All too often, scammers will try to make their supposed job opportunities look as enticing as they can. The offer may seem almost guaranteed, with promises of little effort to get rich quick and lavish returns. A job “perk” that a scammer may promise is the ability to work from home with a “flexible work schedule.” Common work-from-home scams to look out for are:
Reshipping scams. These may be labelled as “quality control managers” or virtual personal assistants. Once “hired,” your job will be to receive shipments to your home. You will then re-package and re-ship said products to a different address, often overseas. The company will often promise you will receive your paycheck after working for a certain amount of time. By the time the victim realizes no check is coming, the scammer is long gone.
Reselling merchandise. Victims are told they can make money by buying name-brand products at discounted prices from the fake company and then re-sell the merchandise for a profit. After paying for said “products” however, the package never arrives, and the employer can no longer be contacted.
Fake Check Scams
Malicious actors may also use fake job postings for nannies, caregivers, virtual assistants, or mystery shoppers. According to the FTC, these may be fronts for fake check scams. Often, a scammer will send a check to the victim and ask them to deposit it. Shortly after, the scammer will then come up with a reason why they need some of the money returned (i.e., you were overpaid, or a fee is required for start-up equipment).
The FTC states that a legitimate employer will never ask you to do that. So, this can only mean that the check received is a fake. Since banks are required by law to make deposited funds quickly available, the scammer hopes that the victim will send back the money before they have noticed the check has bounced. Once this has happened, the victim is either left with money lost, or worse, money now required to be paid back to the bank.
How to Avoid Employment Scams
We have discussed just a few of the many ways scammers can use employment scams to dupe their victims. With this in mind, here are a few red flags to help us spot and avoid employment scams:
- Unsolicited job offers from companies with little to no presence on the internet. Their “website” may be linked, however tread cautiously. This could simply be a fake website or even just a malicious URL. If you need to see if the company is legitimate, try visiting their website on your own by typing it in a browser.
- Job offers and description seem too good to be true and guarantee large returns in a short amount of time.
- Incorrect domain names or email addresses. If a scammer is impersonating a legitimate company, there will likely be misspellings in the email address they are sending from. This will often be hard to spot with a quick glance. Also beware of standard @gmail or @yahoo email addresses used by the “employer.” A corporation will never reach out to you using personal email.
- Messages that ask you to pay a fee or provide personal details to access more information about the job or start-up materials.
- Interviews are only conducted on teleconferencing apps using email addresses instead of phone numbers. Not conducted in-person or using a secure video call.
- Potential employers ask you to return part of the money sent to you via check.
Increasing Awareness Leads to Better Security
As you may know, October is Cybersecurity Awareness Month. There are many different facets that make up cybersecurity. At the forefront are steps such as using strong passwords, using a password manager, or using a VPN. These are especially useful for both corporations and individuals.
In this article, we discussed ways scammers may try to breach our personal security by means of employment scams. By learning about them, they provide important tips that fall in line with cybersecurity such as being aware of phishing, practicing safe clicking, and of course protecting your personal information.
By increasing our awareness of the tactics malicious actors use, we will be better equipped to protect ourselves when a scammer confronts us.
At Social Engineer LLC, our purpose is to bring education and awareness to all users of technology. For a detailed list of our services and how we can help you achieve your information/cybersecurity goals please visit: