Online employment scams are on the rise. From fraudulent job listings to phishing messages on LinkedIn, they come in many forms, especially in the age of remote work. So how do employment scams work, and how can you spot one before you become a victim?
An employment scam involves a fraudster using fake offers of employment as cover for malicious activity. Their goal will usually be to extort money or information from a victim or to infect their device with malware.
While similar scams existed long before the internet, they’ve proliferated online in recent years, especially in the era of remote work.
Job applicants are used to communicating with potential employers through email, video conferencing, and even direct messages on sites like LinkedIn. Consequently, it’s a lot easier for scammers to postpone or avoid the moment of face-to-face contact that might otherwise give them away.
Some employment scams involve the victim being contacted directly by email or on networking sites like LinkedIn. In recent years, headhunters and recruitment specialists have become a major part of the online employment space. Many genuine employers use freelance or third-party agents to engage with potential candidates and encourage them to apply for roles.
Seeing an opportunity, scammers have started impersonating these recruiters, contacting victims online and urging them to apply for vacancies, often at well-known companies. Their messages may involve flattery, but will also create a sense of urgency — quick, click this link to apply before applications close!
Of course, when the victim clicks the link, they can end up downloading malware and viruses, infecting their device and exposing their personal information.
While the end goal of fake listings is the same as that of phishing messages, the strategy is slightly different. Many people look for employment opportunities primarily online, and so websites like Monster and Indeed sprang up to facilitate job listings.
These websites list tens of thousands of vacancies, with new jobs being added almost continually, so it’s very hard for the site owners to screen every listing to ensure that it’s not a scam. As a result, cybercriminals can often slip vacancies for fake roles onto legitimate job-hunting platforms. It’s not unusual for a listing to include a link to the employer’s website, where applicants can apply for the position or, in this case, download malware.
Though slightly less common than phishing attacks and fake listings, equipment scams are a growing threat and can be financially devastating.
Here’s how it works. You find a job listing (or are urged to apply via direct message) for a remote work position. However, this time no malware is involved. You really can apply for the role and will then go through a normal online interview process. Soon you receive good news: you got the job!
Then your new employer explains that, since you’re working remotely, you’ll need specific equipment: a better laptop, external hard drives, maybe some premium software. If you buy these items, you can then invoice the company and get that money back, provided you made the purchases through specific online stores recommended by the company.
In reality, these “online stores” are shell websites created by the scammers. Once you’ve spent your money on the recommended items and sent an invoice to your new employer, they disappear, cutting all contact with you.
On some occasions, it’s not the applicant who gets scammed, but the company. Hackers are always looking for ways to get access to the internal workings of corporations, government agencies, and other organizations. One way to do this is to infect an employee’s device with some kind of malware that could allow the hacker to take control of that device.
In fake applicant scams, the perpetrator doesn’t need to get the job — they just need to convince someone inside the company to click on a malware-loaded link. If the hacker can convince the company’s hiring manager to download a file (perhaps disguised as a CV) or click a link purporting to open the applicant’s portfolio, the malware infection can commence.
As soon as a hacker takes control of an employee’s device, they have a wide range of options. They can use that employee’s work email to contact their colleagues, asking for more access to private data and internal networks or spreading ransomware.
The tools available to these scammers are growing increasingly sophisticated. In June 2022, the FBI reported that some fake applicants were using deepfake technology, voice modulating software, and detailed stolen identities to try to get through interview processes.
To protect yourself from these scams, you need to learn to recognize certain red flags and warning signs. Here are some things to look out for.
A healthy dose of skepticism will go a long way to keeping you secure online, especially when it comes to employment scams. However, even with extreme care and vigilance, you might still end up clicking a malicious link by accident.
That’s why we recommend that you use NordVPN. With NordVPN on your device, you can benefit from Threat Protection, a powerful feature that blocks websites known to host malware. This VPN service also uses next-gen encryption to enhance your safety and privacy online.