With layoffs spiking nationwide in multiple industries in 2023, cybercriminals are on the prowl targeting employers, employees, and job seekers alike.
Employers looking for cost-saving programs and talent to help fill gaps must be vigilant when searching for new solutions and onboarding vendors just as diligently as when they recruit new talent to join the team.
Employees must be aware of potential phishing scams targeting them about benefits updates or payment preference confirmations.
Job seekers aren’t forgotten about though and provide phishers an easy opportunity to prey on potential panic to find a new position. It’s of paramount importance to remain vigilant against employment scams targeting vulnerable individuals in search of employment. These scammers use various tactics to defraud unsuspecting targets, including offering fraudulent job offers, requesting personal information, and posing as legitimate employers. So, how can you stay safe while searching for employment? Here are three of the best safety tips to avoid falling victim to these employment phishing scams.
Tip #1: Research the Company
Before you provide any personal information of any kind, do some reconnaissance.
If you’ve received an unsolicited request for additional information beyond your public resume from an organization you can’t find a confirmation of applying to, pause first and find out if the request is coming from a legitimate employer.
If the request appears to be from a real employer, and in response to an application you submitted, ensure it’s legitimate before responding quickly. Researching the company you’re applying to is one of the essential steps you can take to protect yourself from employment scams. Scammers often create fake companies to lure job seekers into applying for fake job postings. Scammers also use real company names to trick people into believing they are offering a real job.
Search for the employer’s website and check out their social media profiles for open job postings to cross-check any “open positions'' you may be applying to or be offered. If there are any news articles or reviews about the company that raise eyebrows, dig deeper before applying or responding to a request. If the company is legitimate, you should be able to find plenty of information about them and confirm an open position. If you’re unable to find any information about the company, it may be a sign the posting or request is a scam.
A common scam involves fake recruiting firms looking to exploit job seekers desperate to find work. Some reported scams have even documented job seekers being defrauded thousands of dollars by these fake recruiting firms. A fake recruitment firm can request funds in various manners for multiple seemingly legitimate actions. Anything from a request for services rendered to providing funds for background checks, drug screens, or additional administrative fees can appear real and even exciting if you’ve just been told you landed a new position. Don’t fall for it and remember companies won’t put the cost of background checks or drug screens on new employees. Do your homework to ensure you understand any fees you would owe a recruiter for services rendered or the percentage the firm can take out of your soon-to-be paycheck too!
Tip #2: Beware of Unsolicited Job Offers
Unsolicited job offers can be exciting for an out-of-work job seeker. If you didn’t apply, you’d rarely be offered a position first. Even legitimate recruiters will ask you to apply or submit your application on your behalf without divulging personal information beyond that in your resume. These fraudulent offers can come via email, phone, or social media, often requiring you to provide personal information or pay a fee upfront. No legitimate business requires you to provide monetary funds or financial information before starting employment.
Elaborate schemes may suck you in early and then request a driver’s license or multiple forms of identification to verify employment. This is where an unsuspecting applicant should be extra cautious and wary if they’ve never corresponded beyond email. Any job offer that seems too good to be true or requires you to pay money before you can start working isn’t legitimate!
Legitimate employers will not ask applicants to pay a fee to apply for a job or to provide their personal information before being hired. If you receive an unsolicited job offer, research the company, and do not provide any personal information until you’ve confirmed the offer is legitimate.
It’s incredibly easy to identify easy targets with a quick search on LinkedIn to those “open to work” and send a message or email if contact information is provided offering an opportunity and requesting bank details to set up direct deposit. If you haven’t established contact with an employer, do not provide bank routing information or a Social Security number.
Tip #3: Protect Your Personal Information
Scammers often use phishing tactics to obtain personal information from job seekers and applicants. They may ask for your Social Security number, bank account information, or other sensitive data. Protecting your personal information is the most surefire way to avoid falling victim to employment scams.
If you don’t know the requester or can’t validate that the request is legitimate, don’t provide the requested information! Legitimate employers will ask for your personal information after you’ve been hired and not during the application process. But remember to be wary of a fast hiring process with sketchy processes or lack of questioning resulting in your hiring and request for information.
Let’s say your former employer requests you to provide or confirm personal information or banking details to process payment they owe you or a miscalculation resulting in additional funds being allocated. The email or request may appear legitimate and look like a real communication you recall receiving from the human resources team while employed there. Providing Social Security numbers or sensitive information digitally without confirmation of the request being legitimate isn’t good practice. Your former employer could have been compromised and the email signature and template copied or duplicated to appear legitimate. It’s important to confirm requests with the source directly and be cautious whenever providing private details.
For a comprehensive analysis of your cyber training program, contact our team of subject matter experts dedicated to creating tailored programs to fit your needs.
What are the strengths, weaknesses, opportunities, and threats to a security awareness training program?
Phishing kits are becoming one of the most accessible components within a cybercriminal's arsenal.
Deepfakes are on the rise with AI. Are you ready to defend against them?
