top of page
  • Writer's pictureSai Putravu

Cyber Crime and Fake Job Adverts: How to protect yourself when searching for a new job

People are looking for a change or a new job more than ever since the pandemic. As a result, the number of job adverts posted online is the highest since before the pandemic by over 150% (according to the ONS).


However, many cybercriminals are taking advantage of this increased activity and are creating fake job postings. These fake adverts aim to trick you into revealing personal/financial details or handing over money for phoney services to scammers instead of the recruitment firm or employer you thought you were talking to.


As shown by the Office for National Statistics, there are more vacancies in the United Kingdom than ever before - ending the year with over 1 million. Such an increase in vacancies has flooded the market with job postings in various sectors.

ONS: Number of vacancies in the UK, seasonally adjusted, June to August 2003 to June to August 2022

Watch out for these Employment Scams


Cybercriminals are taking advantage of the hot job market and injecting job listings that look like the original job posting. ZScaler has found that attackers scrape and reuse the contents of actual job postings to convince applicants the post is legitimate.

Some scams can gather personal information from a prospective applicant, asking for critical information like name, date of birth, address, and national insurance numbers, which they can use to impersonate you and commit other offences. In addition, personal information could be used for any number of nefarious purposes, such as taking over victims' accounts, opening new financial statements or using the victims' identities for other scams.


More sophisticated scams take it even further. For example, once a person applies to a fake job listing, the attacker will reach out via a source such as LinkedIn and start a seemingly realistic application process, gathering more personal information from victims as they go. The next stage is an attacker conducting false interviews or asking for money for an initial training package or starter kit.


Employment scams are a growing problem:

  • In 2020, the FBI's Internet Crime Complaint Center (IC3) reported 16,012 victims, with losses exceeding $59 million

  • In the first quarter of 2022, Americans lost $68 million due to fake business and job opportunities, according to the Federal Trade Commission (FTC)

  • In the UK, Cifas members recorded almost 158,000 cases of identity fraud in the first nine months of 2021, equivalent to one person every 2.5 minutes.

This is a significant issue on an international scale.


How can you Spot a Fake Job Advert?


To protect yourselves from these risks, you should look out for these red flags:

  • Interviews are not conducted in person or through secure video conferencing applications

  • Potential employers require employees to purchase equipment or transfer money to the business as a fee

  • Potential employers requiring credit card information of employees

  • Potential employers are emailing from regular domain emails, such as @gmail.com or @yahoo.com

  • Non-standard domain names. Particularly: .online, .live, .xyz

  • Unsolicited job offers from companies with little to no presence on the internet

  • Job postings appear on job boards but not on their website

  • If you receive a job offer via SMS, report it to 7726


What are the Best Practices for Staying Safe Online Searching for a New Job?


Best practices while searching for a new job include:

  • Reach out directly to the company through official contact information to confirm the job listing

  • Only submit job applications through verified sources like the company's official website or authentic job boards

  • Be cautious of conversations with unofficial company email addresses

  • If unfamiliar with a company, search the company name with the keywords "fraud" or "scam". You may find stories or additional information.

  • Never make any payment for a job application or job offer

Protecting Yourself from Cyber Crime in Your Job Search


To avoid falling victim to employment scams, being vigilant and confirming job postings' authenticity before engaging with them is essential.


Talk to us about Security Awareness Training and our Digital Footprint Assessment for a more in-depth understanding of cybercrime prevention.


Guidance for businesses Recruiting New Staff


As businesses continue to expand and grow, the need for new employees also increases. Unfortunately, with this comes the risk of cybercrime and fake job postings that can compromise a company's reputation and finances.


Here are three key ways businesses can protect themselves when recruiting new employees:

  • Use reputable recruitment tools, job boards and companies

  • Provide clear communication channels for applicants to contact your company

  • Remove old job adverts when they close

By following these three steps, businesses can help protect themselves and their potential employees from cyber threats and reduce the risk of cybercrime. Companies can also stay vigilant and educate themselves about the latest scams and how to avoid them.

Free Membership banner for recruiters

Become a member of the Cyber Resilience Centre today to learn more about the latest scams, security updates and guidance for SMEs.

Comentários


How can we support your business?

Phishing 292 x 219px.png

Raise your staff's awareness of phishing emails and guard your business against the growing trend of social-engineering threats.

 

Training your employees on what a phishing attack looks like makes them more likely to identify and report scams.

security awareness training.png

Our training package is designed and delivered by cyber experts giving you access to the most up-to-date information in an ever-changing cyber landscape.

You can purchase single-place training spots or a cyber security workshop.

Community Members

Our premium membership package is aimed at medium-sized businesses and includes bespoke security awareness training sessions.

 

This allows your business to train several cyber security champions and an assessment of your cyber risk. 

bottom of page