Your IP: Unknown · Your Status: ProtectedUnprotectedUnknown

What is an employment scam?

Online employment scams are on the rise. From fraudulent job listings to phishing messages on LinkedIn, they come in many forms, especially in the age of remote work. So how do employment scams work, and how can you spot one before you become a victim?

Malcolm Higgins

Malcolm Higgins

What is an employment scam?

What is an employment scam?

An employment scam involves a fraudster using fake offers of employment as cover for malicious activity. Their goal will usually be to extort money or information from a victim or to infect their device with malware.

While similar scams existed long before the internet, they’ve proliferated online in recent years, especially in the era of remote work.

Job applicants are used to communicating with potential employers through email, video conferencing, and even direct messages on sites like LinkedIn. Consequently, it’s a lot easier for scammers to postpone or avoid the moment of face-to-face contact that might otherwise give them away.

Types of employment scam

Phishing messages

Some employment scams involve the victim being contacted directly by email or on networking sites like LinkedIn. In recent years, headhunters and recruitment specialists have become a major part of the online employment space. Many genuine employers use freelance or third party agents to engage with potential candidates and encourage them to apply for roles.

Seeing an opportunity, scammers have started impersonating these recruiters, contacting victims online and urging them to apply for vacancies, often at well-known companies. Their messages may involve flattery, but will also create a sense of urgency — quick, click this link to apply before applications close!

Of course, when the victim clicks the link, they can end up downloading malware and viruses, infecting their device and exposing their personal information.

Fake job listings

While the end goal of this scam is the same as the phishing messages, the strategy is slightly different. Many people look for employment opportunities primarily online, and so websites like Monster and Indeed sprang up to facilitate job listings.

These websites list tens of thousands of vacancies, with new jobs being added almost continually, so it’s very hard for the site owners to screen every listing to ensure that it’s not a scam. As a result, cybercriminals can often slip vacancies for fake roles onto legitimate job-hunting platforms. It’s not unusual for a listing to include a link to the employer’s website, where they can apply for the position — or in this case, download malware.

Equipment scams

Though slightly less common than phishing attacks and fake listings, equipment scams are a growing threat and can be financially devastating.

Here’s how it works. You find a job listing (or are urged to apply via direct message) for a remote work position. However, this time no malware is involved. You really can apply for the role and will then go through a normal online interview process. Soon you receive good news: you got the job!

Then your new employer explains that, since you’re working remotely, you’ll need specific equipment: a better laptop, external hard drives, maybe some premium software. If you buy these items, you can then invoice the company and get that money back, provided you made the purchases through specific online stores recommended by the company.

In reality, these “online stores” are shell websites created by the scammers. Once you’ve spent your money on the recommended items and sent an invoice to your new employer, they disappear, cutting all contact with you.

Fake applicants

On some occasions, it’s not the applicant who gets scammed, but the company. Hackers are always looking for ways to get access to the internal workings of corporations, government agencies, and other organizations. One way to do this is to infect an employee’s device with some kind of malware that could allow the hacker to take control of that device.

In fake applicant scams, the perpetrator doesn’t need to get the job — they just need to convince someone inside the company to click on a malware-loaded link. If the hacker can convince the company’s hiring manager to download a file (perhaps disguised as a CV) or click a link purporting to open the applicant’s portfolio, the malware infection can commence.

As soon as a hacker takes control of an employee’s device, they have a wide range of options. They can use that employee’s work email to contact their colleagues, asking for more access to private data and internal networks or spreading ransomware.

The tools available to these scammers are growing increasingly sophisticated. In June 2022, the FBI reported that some fake applicants were using deepfake technology, voice modulating software, and detailed stolen identities to try and get through interview processes.

How to protect yourself from employment scams

To protect yourself from these scams, you need to learn to recognize certain red flags and warning signs. Here are some things to look out for.

    1. You’re dealing with an account that was created very recently. Whether this is the company profile that listed a job on a legitimate website or that of the recruitment agent who just messaged you on LinkedIn, check how long they’ve been active. If it looks like they popped into existence in the last week, with no previous history, beware.
    2. The job offer seems too good to be true. A rate of pay high above the industry average, low working hours, an employer willing to take you on without an interview — none of these things in isolation confirm that it’s a con, but they should raise your suspicions.
    3. The employer has no online presence. Even small companies leave digital paper trails, so when considering a job offer, make sure to research the employer carefully. Are they listed on government websites or trademark databases? Can you find reviews from customers and former employees? And even if the company is real, does the person you’ve been messaging have an online presence that can be verifiably linked to that company?
    4. The listing projects a sense of urgency. This is a classic technique in many scams, and it’s especially true here. The perpetrators try to convince you that time is limited and that if you don’t rush to click a certain link right now you’ll miss an amazing opportunity. But that’s very rarely how the hiring process works, and if someone is rushing you to do something, it’s often because they don’t want you to stop and think.

A healthy dose of skepticism will go a long way to keeping you secure online, especially when it comes to employment scams. However, even with extreme care and vigilance, you might still end up clicking a malicious link by accident.

That’s why we recommend that you use NordVPN. With NordVPN on your device, you can benefit from Threat Protection, a powerful feature that blocks websites known to host malware. This VPN service also enhances your overall security with next-gen encryption, enhancing your safety and privacy online.

Online security starts with a click.

Stay safe with the world’s leading VPN


Malcolm Higgins
Malcolm Higgins Malcolm Higgins
Malcolm is a content writer specializing in cybersecurity and tech news. With a background in journalism and a passion for digital privacy, he hopes his work will empower people to control their own data.