Job searches are stressful enough. Adding the threat of being scammed by fraudulent employers is the last thing anyone in that position needs. The following real-life example comes from a member of our production team, whose boyfriend has been in the process of finding work and experienced it firsthand. Check out his story and think about what you would have done in this situation:
Yesterday morning I got a phone call from someone claiming to be from (company name redacted), asking if I had received an email from them about a job opportunity in my field. I checked and had only received the email a few minutes before the call. The job description was only a few bullet points, but it was related to my engineering experience. The woman had a heavy accent and used weird phrasing so it was hard to understand, but I found out the position had a much lower pay rate than I would expect. She said she’d send me an email to confirm the rate plus a few other questions, and then asked how soon she could expect a reply. Not knowing what the questions were or how long it would take, I told her within two hours but she was very insistent that it be as soon as possible. A short time after our call ended, she called back asking if I had received the email and urged me to fill it out as soon as possible.
The questions in the email were a list instead of a form, asked about things they could find directly on my resume, and requested unnecessary information like my Skype ID, date of birth, and social security number. I filled out half of the questions with ‘see attached resume’ or ‘not relevant’ and sent it back. Within five minutes she called back asking for the rest of the information. I told her that I wasn’t comfortable giving any more information and she responded by saying that she’d talk to her manager and would call me back shortly. I never heard from her again.
So, is this a scam? Let’s go through our checklist:
A call out of the blue from an unknown person? ✔
A sense of urgency not so unlike phishing emails? ✔
Use of awkward phrasing or language that’s hard to understand? ✔
A request for personal information? ✔
Something doesn’t smell right. This scenario displays all the usual signs of a scam. And as if we need more proof, here’s the email from the company requesting information. Notice anything odd?
Again, we have all the signs of a scam: poor grammar, awkward phrasing, and requests for personal information. For example, look at the D.O.B. (date of birth). Why would a company only want the month and day? And there’s no official form of any sort; just a random list sent via email.
Our friend was on to this scam from the start and wisely refused to satisfy their requests. Unfortunately, the problem with these types of attacks is they hunt folks that need work. When someone needs work, they are much more likely to play along and release sensitive information. Social engineers prey on those exact circumstances.
The moral of the story is this: never give out personally identifiable information to anyone, and remain skeptical of all requests. If you’re in the market for a job, follow these steps to spotting potential scams:
5 Ways To Spot an Employer Scam
They request sensitive information upfront.
In most cases, when an employer is interested in hiring you, they will look over your resume, contact you to schedule an interview, and then once the interview process is completed, you will either be hired or not hired. Until that time, there is no reason they need sensitive information like your address, Visa, or social security number.
They don’t request in-person interviews.
A huge sign you are dealing with scammers is if all communication is conducted via text, email, or phone calls. In most cases, a legitimate employer is going want to meet you in person, even if it’s via a Skype or some other video call.
They feature a sense of urgency.
Just like in the real-life example above, the scammers are going to insist that you send personal information ASAP. They do this to encourage a quick reaction and reduce the time you have to research the company in question. It’s no different from phishing emails that contain urgent or threatening language. Social engineers use intimidation and fear tactics to get people to click quickly.
They send informal and oddly worded emails.
Your resume should contain all of the necessary information that an employer needs in order to proceed with the interview process. If you receive an email asking for additional or duplicate information, especially one that contains odd language or poor grammar, don’t respond!
Their offer is too good to be true.
If you get a job offer with a salary that is well above what you’d expect, then you should be immediately suspicious. This is especially true for entry-level positions that require little or no experience. Treat promises of extraordinary pay or benefits with a heavy dose of skepticism.
As always, a little common sense goes a long way. Research companies that contact you with job offers by Googling their name, calling direct numbers, and reading any reviews you can find. If you suspect that a company is scamming you, report them to the relevant job-posting site ASAP! (Craigslist, Monster.com, etc.).
Latest posts by Justin Bonnema (see all)
- Incident Response: Time Is Not On Your Side - April 1, 2019
- 5 Traits of Security Aware Parents - March 14, 2019
- Bad Habits of Senior Managers That Put Security of Organizations at Risk - March 1, 2019