People are looking for a change or a new job more than ever since the pandemic. As a result, the number of job adverts posted online is the highest since before the pandemic by over 150% (according to the ONS).
However, many cybercriminals are taking advantage of this increased activity and are creating fake job postings. These fake adverts aim to trick you into revealing personal/financial details or handing over money for phoney services to scammers instead of the recruitment firm or employer you thought you were talking to.
As shown by the Office for National Statistics, there are more vacancies in the United Kingdom than ever before - ending the year with over 1 million. Such an increase in vacancies has flooded the market with job postings in various sectors.
Watch out for these Employment Scams
Cybercriminals are taking advantage of the hot job market and injecting job listings that look like the original job posting. ZScaler has found that attackers scrape and reuse the contents of actual job postings to convince applicants the post is legitimate.
Some scams can gather personal information from a prospective applicant, asking for critical information like name, date of birth, address, and national insurance numbers, which they can use to impersonate you and commit other offences. In addition, personal information could be used for any number of nefarious purposes, such as taking over victims' accounts, opening new financial statements or using the victims' identities for other scams.
More sophisticated scams take it even further. For example, once a person applies to a fake job listing, the attacker will reach out via a source such as LinkedIn and start a seemingly realistic application process, gathering more personal information from victims as they go. The next stage is an attacker conducting false interviews or asking for money for an initial training package or starter kit.
Employment scams are a growing problem:
In 2020, the FBI's Internet Crime Complaint Center (IC3) reported 16,012 victims, with losses exceeding $59 million
In the first quarter of 2022, Americans lost $68 million due to fake business and job opportunities, according to the Federal Trade Commission (FTC)
In the UK, Cifas members recorded almost 158,000 cases of identity fraud in the first nine months of 2021, equivalent to one person every 2.5 minutes.
This is a significant issue on an international scale.
How can you Spot a Fake Job Advert?
To protect yourselves from these risks, you should look out for these red flags:
Interviews are not conducted in person or through secure video conferencing applications
Potential employers require employees to purchase equipment or transfer money to the business as a fee
Potential employers requiring credit card information of employees
Potential employers are emailing from regular domain emails, such as @gmail.com or @yahoo.com
Non-standard domain names. Particularly: .online, .live, .xyz
Unsolicited job offers from companies with little to no presence on the internet
Job postings appear on job boards but not on their website
If you receive a job offer via SMS, report it to 7726
What are the Best Practices for Staying Safe Online Searching for a New Job?
Best practices while searching for a new job include:
Reach out directly to the company through official contact information to confirm the job listing
Only submit job applications through verified sources like the company's official website or authentic job boards
Be cautious of conversations with unofficial company email addresses
If unfamiliar with a company, search the company name with the keywords "fraud" or "scam". You may find stories or additional information.
Never make any payment for a job application or job offer
Protecting Yourself from Cyber Crime in Your Job Search
To avoid falling victim to employment scams, being vigilant and confirming job postings' authenticity before engaging with them is essential.
Talk to us about Security Awareness Training and our Digital Footprint Assessment for a more in-depth understanding of cybercrime prevention.
Guidance for businesses Recruiting New Staff
As businesses continue to expand and grow, the need for new employees also increases. Unfortunately, with this comes the risk of cybercrime and fake job postings that can compromise a company's reputation and finances.
Here are three key ways businesses can protect themselves when recruiting new employees:
Use reputable recruitment tools, job boards and companies
Provide clear communication channels for applicants to contact your company
Remove old job adverts when they close
By following these three steps, businesses can help protect themselves and their potential employees from cyber threats and reduce the risk of cybercrime. Companies can also stay vigilant and educate themselves about the latest scams and how to avoid them.
Become a member of the Cyber Resilience Centre today to learn more about the latest scams, security updates and guidance for SMEs.
header.all-comments