Exposing Labor Scams: Shedding Light on Companies Victimized by Phishing Schemes
We know that scams are the order of the day, digital scams, by mail, calls, and WhatsApp. Scammers have dared so much that we as consumers, employees, and candidates must be vigilant and beware of any situation that seems suspicious.
This modality is through job offers. Scammers advertise jobs and business opportunities. They post ads on job offer sites or social networks.
Regardless of the type of task, the offers can range from selling products from home to reshipping products, or the riskiest ones usurp the identity of reputable companies and offer positions to professionals in exchange for high incomes.
The modality is to lure applicants to websites where real employers do, with fake offers that are not available, convince them to share their financial information and steal their money. It's that easy!
Criminals create a fake profile posing as a recruiter or senior management of a hiring company. These fake profiles are in turn connected to more fake profiles that make them look legitimate and genuine.
The scammer establishes a relationship with their victims by sending a friendly LinkedIn introduction message to build trust before moving to the next level: making a formal job offer.
Once the applicant responds and requests more information or even accepts the job offer, the scammer employs phishing methods to acquire the victim's data.
The victim receives a document with the job description. This file may be infected with spyware* or malware** that executes when opened. Sometimes the file includes a link to the company's supposed payroll department, which is an effective way to bypass antivirus software. When the recipient clicks on that link, they are taken to a website created by the scammer where they collect account details that victims believe are for payroll purposes
.Some "staffing agencies" promote fake jobs and charge fees for their supposed services. This is another type of scam. If a real company uses the services of an agency, it is the company that pays for the service, not the applicant.
Using LinkedIn to extend fake job offers is a form of job phishing that is specifically targeted at job seekers, although it is more common for scammers to use Indeed or ZipRecruiter to commit their crimes.
A person perhaps anxious or desperate to find a job does not size up the risk and can provide personal information, primarily because they assume the offer is coming from a legitimate source.
According to figures from del Public Tableau, online job scams have increased and had a spike at the end of 2021 as can be seen in the following graph.
Federal Trade Comission
Cybercriminals pose as professionals, including recruiters, human resources, talent acquisition, and management personnel. As we've already learned, the scams are embedded in more than just job boards; they are also funneled through social networking sites such as Facebook and LinkedIn.According to a phishing report released by cybersecurity company Check Point in Q1 2022, the top ten brands most affected by phishing are LinkedIn (45%), Microsoft (13%), DHL (12%), Amazon (9%), Apple (3%), Adidas (2%), Google (1%), Netflix (1%), Adobe (1%) and HSBC (1%).
If you’re a Job Seeker
What to Do if You Paid a Scammer.
Regardless of how you paid - debit or credit card, money transfer or money order, gift or cash reload card, immediately contact the company you used to send the money, report the fraud, and, if possible, ask them to reverse the transaction. For specific information and recommendations oreversingfferent types of payments, read What to Do If You've Been Scammed.
Report Employment Scams to the FTC
If you see an employment or job scam, or if you lose money to one of these scams, report the incident to the FTC at ReportFraud.ftc.gov You can also report it to your state attorney general.
How to Avoid a Job Scam
Before you accept a job offer, and certainly before you pay for it, follow these steps to protect yourself from employment scams:
Do an online search. Enter the name of the company or person hiring you along with words such as "scam," "review," or "complaint."; You may discover that other people have been scammed.
Talk to someone you trust. Describe the offer. What do you think? This will also help buy vital time to think about the offer.
Do not pay in exchange for the promise of a job. Legitimate employers, including the federal government, will never ask you to pay to get a job. Anyone who does is a scammer.
Never count on money from a "cashed" check. No legitimate potential employer will ever send you a check and tell you to send a portion of the money or buy gift cards with the money. That is a fake check scam. The check will bounce, and the bank will want you to repay the amount of the fake check.
If you are a business
If a company suffered identity theft the HR department needs to work hand in hand with the IT department and has the expertise to block and track fake company activity.
