top of page

How cyber-crime and fake job ads may hinder your quest for a new job

People are searching for jobs or a change of career more than ever before since the pandemic. As a result, the number of job advertisements posted online has increased by more than 150% since before the pandemic (according to the ONS). But not all are real. Look out for red flags, and find out how to avoid scams.


Many cybercriminals are exploiting this increased activity in the job-seekers' domain by creating bogus job postings. These fake advertisements are designed to trick you into disclosing personal or financial information or paying for bogus services.


According to the Office for National Statistics, there are more vacancies in the United Kingdom than ever before, with over 1 million at the end of last year. A surge in vacancies has flooded the market with job postings in a variety of industries, but you should adopt caution when jobhunting, because not everything is as it seems.


Also, the old adage of 'if it looks too good to be true, it probably is', comes into effect here. So what should you be looking out for? How do you spot a fake job scam?


It's tricky, because some job listings look identical to the original job posting. According to ZScaler, attackers scrape and re-use the content of actual job postings to convince applicants that the posting is legitimate.

Some scams collect personal information from prospective applicants, such as name, date of birth, address, and national insurance numbers, which they can use to impersonate you and commit other crimes. Furthermore, personal information could be used for a variety of nefarious purposes, including taking over victims' accounts, opening new financial statements, or using victims' identities in other scams.


Scams that are more sophisticated go even further. For example, if a person applies to a fake job listing, the attacker will contact them through a source such as LinkedIn and begin a seemingly legitimate application process, collecting more personal information from victims as they go. The attacker then conducts false interviews or requests money for an initial training package or starter kit.


On a global scale, this is a significant issue, as the stats show...

  • The FBI's Internet Crime Complaint Center (IC3) reported 16,012 victims in 2020, with losses totaling $59 million.

  • According to the Federal Trade Commission, Americans lost $68 million in the first quarter of 2022 as a result of bogus business and job opportunities (FTC)

  • Cifas members in the United Kingdom recorded nearly 158,000 cases of identity fraud in the first nine months of 2021, which equates to one person every 2.5 minutes.


How can you Spot a Fake Job Advert?


To protect yourself from these dangers, keep an eye out for the following red flags:

  • Interviews are not held in person or via secure video conferencing apps.

  • As a condition of employment, potential employers may require employees to purchase equipment or transfer funds to the company.

  • Potential employers requesting employee credit card information

  • Potential employers are emailing from standard domain addresses like @gmail.com or @yahoo.com.

  • Domain names that are not standard. Specifically: .online,.live, and.xyz

  • Unsolicited job offers from companies with little to no online presence

  • Job postings are available on job boards but not on the company's website.

  • If you receive a job offer via SMS, please notify 7726.

What are the best practices for staying safe while job searching online?


Best practices while searching for a new job include:

  • To confirm the job listing, contact the company directly using the official contact information.

  • Only apply for jobs through reputable sources, such as the company's official website or legitimate job boards.

  • Conversations with unofficial company email addresses should be avoided.

  • If you are unfamiliar with a company, Google the company name and the keywords "fraud" or "scam" to learn more. You may come across stories or additional information.

  • Never pay for a job application or a job offer.

Advice for businesses recruiting new staff


As businesses continue to expand and grow, so does the demand for new employees. Unfortunately, this increases the risk of cybercrime and phoney job postings, which can jeopardise a company's reputation and finances.


Here are three key ways businesses can protect themselves when recruiting new employees:

  • Employ reputable recruitment tools, job boards, and businesses.

  • Make it easy for applicants to contact your company by providing clear communication channels.

  • Remove old job postings when they expire.

Businesses can help protect themselves and potential employees from cyber threats and reduce the risk of cybercrime by following these steps. Companies can also remain vigilant and educate themselves on the most recent scams and how to avoid them.


Join the EMCRC community today to learn more about the latest scams, security updates, and SME guidance.

 

Reporting

Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to report@phishing.gov.uk. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).

 

コメント


The contents of blog posts on this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of East Midlands Cyber Resilience Centre (EMCRC) is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. EMCRC provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us by email.

 

EMCRC does not accept any responsibility for any loss which may arise from reliance on information or materials published on this blog. EMCRC is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page