The economic downturn is already a devastating blow to job seekers everywhere. Now scammers are taking advantage of the situation by ramping up their methods of swindling people.
Job scamming is a threat to job seekers all over the world. For example, the Better Business Bureau (BBB) reported an increase in job scam complaints in the United States and Canada in the past several years. Singapore job seekers lost $660 million SGD ($495 million USD) in 2022 alone. And in the UK, 10,000 people were approached on LinkedIn and Facebook by “foreign spies and malicious actors” to steal information.
Phishing attacks and malware are the primary methods of scamming job seekers, according to a February 2023 Trellix report. Scammers create fake websites, often employing typosquatting. A fake site uses a real name like Indeed that’s slightly misspelled (such as “Indeeed” or “lndeed”) or extends the URL in hopes the job seeker will not notice the base domain name. These sites appear legitimate and are used to steal passwords and financial information.
The alternative is asking a job seeker to download a file or click on a link that contains malware as another method of stealing sensitive information. Some of the malware Trellix identified include the Trojans Emotet, Cryxos, and Agent Tesla.
Gabriel Friedlander, the founder of security training site Wizer, says these job opportunities offer great pay and remote work flexibility as a lure to steal Social Security numbers or send fake checks for equipment purchases to get that person’s bank information.
Who’s Most Vulnerable
Job scams can affect people of any gender, race, ethnicity, or age. Because many people seek employment quickly to prevent income gaps, they may be more prone to being scammed.
Roger Grimes is KnowBe4’s data-driven defense evangelist. He says that similar to a romance scam, people become emotionally invested in finding the right job. He says even people trained to seek out scammers can be caught up in a scheme.
“It’s just human behavior,” Grimes says. “We want to trust people, and you start to give them the benefit of the doubt.”
How to Fight Off Scams
Legitimate job companies will never ask for money to purchase equipment, training, or background checks. Always be skeptical of companies like these and you’re far less likely to be scammed.
If things are moving too fast, it’s most likely a fake job. Most jobs aren’t landed after just one remote interview. Also, be wary of companies that want to move conversations outside of typical platforms like LinkedIn.
“Be reasonable,” Friedlander says. “Does this job make sense? Is this too good to be true? Here’s the thing with scammers in general. Their problem is time. They have to close the deal fast. Everything is just rapidly happening because they have to close before they get detected.”
The BBB recommends calling or going directly to a company website, especially if the job description is vague. Other tips include not clicking any links, downloading any files, calling numbers, or replying to email addresses that are being given.
LinkedIn is rolling out new measures to ensure people are who they say they are. However, one of the verification tools requests government identification. This can be problematic for some people, including transgender or nonbinary individuals who have changed their names but are unable to do so on official documents.
Learn From the Experience
Once a job seeker has been scammed, one study noted that seekers are less likely to keep pursuing job opportunities. They tend to blame themselves or their lack of savviness to detect scams.
“The people that I’ve talked to that had been scammed, they feel utterly broken,” Grimes says. “It can be really tough on them, just because they were trusting people.”
Job seekers should stay guarded to ensure they aren’t scammed again. But instead of being discouraged, they should use this to drive them forward in their job search.
“Once you know the magic, then you can’t unsee it,” Friedlander says. “That’s all it is. You just need to be aware of the trick.”
Source: www.darkreading.com