Scam Alert: Interview & Job Scams

Scam Alert: Interview & Job Scams

There are some topics that might seem irrelevant or not important when it comes to alerting your clients with regard to their online safety and cybersecurity.  One of those might be about the process of looking at other jobs for a career change or simply to supplement their current income.  It’s likely that your client’s employees are not going to be forthcoming that they are, or might be, looking for a new or additional job in the future. But as their IT liaison, you’d be remiss to not mention current scams with them.  And we are hearing a lot about interview scams. 

What To Look For

With online postings the norm, and work-from-home positions on the rise, it can be hard to decipher the fraudulent positions from the real ones.  What are some of the red flags to look for?  There can be one or multiple of these indicators that would indicate a fraudulent posting:

1. Direct contact from an interviewer.  This isn’t a headhunter organization or professional recruiter; this is a person that indicates that they are from the hiring company, and you’ve never applied there or posted your resume online.
2. The company information isn’t available online.  That includes a website, a professional platform like LinkedIn, and other social media outlets. 
3. It’s too good to be true.  Your gut knows when something seems too good to be true, make sure that your head and heart are aligned, and you aren’t falling for a dream that is likely not reality. An unrealistic salary for a role (you can compare online with multiple resources) is a key indicator that it might be a fraud. Also, be wary of a vague description of the job details when you ask for them. 
4. Unprofessional correspondence.  If anyone at the hiring company is unprofessional with grammatical errors, typos, or just sloppy, you should pause and investigate further.
5. Lack of contact details.  Do their email addresses indicate that they are at the company they are hiring for?  Can you obtain a phone number, address, or general email for the headquarters? Do you know the official title of the person that has contacted you? This should all be easy to obtain or see in their email correspondence.
6. Interviews are conducted via chat.  While a video interview is normal, the interview process should not be conducted over chat and if it does, it is far more likely to be a scam than it is to be a legitimate job.
7. You need to pay for the interview.  A legitimate company will not ask for money to interview. They will not request that you pay for software that you need to interview or start the job. They should be paying you.  This includes asking that you download software to interview.  That link could be dangerous.
8. A request to disclose personal or confidential information in the interview process.  This includes your social security number, address, birth date, or other identifying information.  Additionally, never provide credit card or financial information for a job interview.
9. Avoiding responses when questioned about the company.  If the interviewer cannot provide answers to your questions about the job or the company, or direct you to someone who can, this likely indicates fraudulent intentions. 

Again, we are aware that your clients might not want to promote job-seeking scams. But with so many people taking on “side hustles,” it is important to remind them that the security of the business is centered around their human behaviors.  What they do outside of the office can very much affect what happens inside.  Additionally, sharing this scam information with your community and connections is a great way to warn others and establish yourself as a trusted security advisor.

Encourage everyone to remain diligent in their cybersecurity posture! With tools like our ongoing training, this can be an easy part of their practice. Additionally, you can use the new client newsfeed to post about this type of scam and keep them engaged with all of the latest cybersecurity news!