Job Scams in 2024: How to Spot Fake Job Offers and Recruiters
Job scams have always existed. People have impersonated companies, posted fake jobs, and sent fake job offers for as long as jobs have been around. But as protecting your identity has become more important, job scams have become more elaborate. In the last 3-5 years, we’ve seen a major increase in employment-related scams.
As identity has risen in importance and is having a moment, so have job scams.
Mike Kiser
Job Scams Are on the Rise
According to the FTC, there was a 76% increase in business and job opportunity scams in 2022, compared to 2021. This increase coincides with the rise of remote and home-based working since 2020. It’s significantly easier to hide a real identity or operate under a fake identity online. There are plenty of legitimate remote work jobs, but if you want to work from anywhere, you have to be cautious.
Most job scams involve remote working arrangements. When everyone’s working remotely, employment scammers are going to target remote workers. They frequently offer remote full-time jobs or jobs that can be done in addition to another full-time job, which is what remote workers generally want.
Types of Employment Scams
Job scams come in multiple formats with different goals. Let’s take a look at the most common examples.
Work-From-Home Job Scams
Fake jobs that claim you can work from home or 100% remotely are probably the most prolific. Scammers use a variety of schemes, including:
- Reshipping scams: The company asks you to receive packages at home, remove the original packaging and shipping label, then ship it to a new address that they’ve given you. They’re essentially using you as part of a larger scam to sell high-value goods that were purchased with stolen credit cards.
- Equipment purchases: You get an offer for a remote job and then have to submit a payment for your remote work equipment, like a computer or monitor. They offer to reimburse you on your first paycheck, but then cease all contact once they get the money.
- Fake check scam: According to the FTC, fake check scams make up about one-third of all reported employment scams. The company sends you a check to deposit and use the funds to buy yourself remote-working office equipment. But the check isn’t real and you end up spending your own money on equipment for a job that doesn’t exist.
Job Placement Scams
Job placement services help job seekers search for jobs that match their qualifications. These firms usually don’t charge a fee to job candidates — the hiring company pays the fee. If you get contacted by what appears to be a placement firm offering to help you find a job and they ask for a fee, it’s probably a scam.
Government Job Scams
Government agencies never ask you to pay a fee to apply for a job or get more information about the listing. If you come across a government or postal service job listing that’s asking for money, it’s a scam. Also, keep in mind that most government jobs are only available through USA Jobs or other official channels.
Fake Job Listings
Sites like LinkedIn and Indeed are full of fake job listings hoping to catch desperate job seekers in their trap. They might have a domain name that looks almost identical to a real company’s name. Or they might have hacked a real company’s LinkedIn page and listed fake jobs to get applicants’ personal information. If the listing asks you to give any money upfront or provide sensitive personal information like your Social Security number, it’s a scam.
Email Offers
You might get contacted by someone about a job that you didn’t even apply for, claiming they found your resume on a job board. Sometimes these emails are from real recruiters, but it can also be a fake recruiter scam trying to get your information or money.
Interviews with an Untrustworthy App
Some scammers will notify you about a job you’ve been selected for (when you never applied) and ask you to do a video interview using a specific messaging service or app. The app will ask for your personal information to complete “registration” and the scammer will steal your info.
Credit Reports
Some employment scammers ask for your credit history to verify your eligibility. They’ll ask you to pay for the credit report, which shows up on your credit history. Legitimate employers sometimes ask employees for credit checks, but they always cover the cost for you.
The Two Goals of Employment Scammers
Not every job scam is after your money. Some scams are what Mike Kiser, Director of Strategy and Standards at SailPoint, calls “low attacks,” while others are “high attacks.” Whether the scam is a low attack or a high attack depends on what it is the scammers are after.
The Low Attack: Cash
These job scams are exactly what you think of when you think of a scam. They are done at scale, targeting hundreds or thousands of people with the same generic offer. It’s a smash-and-grab operation, in a way – they want to take your money once and move on to the next person. There is no customization. Mike says he gets frequent scam texts offering him jobs, but it’s very clear they have no idea what he does. That’s a low attack.
Low attacks will include tactics like making you pay for training or supplies for a job, or one of the scams listed above.
The High Attack: Connections
A high attack is much more sophisticated. They’re not after your money – they’re looking for open-source intelligence on a person or an organization. These scams identify people in key positions, profile them, and gather background information.
Mike says he sees more and more fake LinkedIn profiles that are used to build these fake connections. It only takes two or three connections before the ball starts rolling and they can connect with even more people. Once the scammer has a strong network of connections, they can use them to interact with a targeted person and offer a fake job. And if they can convince someone to apply for a fake job, they can get a lot of information.
Once you get a resume … think about how much intelligence you’ve gotten on that individual.
Mike Kiser
Think about how much information someone could get off your resume. Your home address, your phone number, your email, perhaps your alternate email, your entire job history that may not be on LinkedIn. They can use this information to assemble an organizational map and determine who they want to target. The goal isn’t money, it’s information and networking. These job scams are more difficult to identify because the normal red flag of asking for money is absent.
How to Know If a Job Is a Scam
Keep your eyes open for these signs when you’re looking for a job, or if you’re contacted about a job:
- Suspiciously easy or lucrative: If the job poster claims to pay you upfront before you’ve done any work, or promises high pay with minimal requirements, it’s probably a scam.
- Asking for too much info: If you’re pushed to share a lot of personal information before you’ve even met someone from the company, be wary and ask questions before you hand over that personal data.
- Unprofessional communication: An informal writing style and grammar mistakes can be a tip-off that the job is a scam.
- No company email address: If a recruiter reaches out to you first, check to see if they have an email address with the company’s domain name. If it’s from a personal email address or Gmail account, it’s probably fake.
- Immediate job offer: If you’re offered a job without having even applied, spoken to a hiring manager, or had an interview, there’s a good chance it’s not a real job offer.
- Fake social media accounts: A good way to check if a company is real is to search for their social media accounts in addition to their website. If the social media profile has scant information or was recently created, it’s probably not a legitimate company.
- Unknown software: If a potential employer wants to set up a call with you using an unknown piece of software, it’s most likely a scam. Look out especially for software that’s “proprietary.”
Identifying Bogus LinkedIn Requests
A fake job scam might originate from a bogus LinkedIn request, especially if it’s a “high attack.” Some of the signs that a LinkedIn request is spam are true of any stranger interacting with you on the internet. Someone with no mutual connections is suspicious. So is someone who is model-pretty – there’s a high chance someone took the profile photo off a stock photo site.
Some people are more trusting than others on social media. You may never accept requests from someone you’ve never met, or you’re open to networking with new people. But regardless of what you decide, always be suspicious of someone presenting a job opportunity.
How to Avoid Scam Job Offers
If you’re on the job hunt and find an opportunity that seems too good to be true, your first reaction might not be suspicion. You naturally want to hope that it is true rather than investigate the warning signs. But if you want to avoid a job scam, you unfortunately have to be on your guard.
Here are some steps you can take to protect yourself from scam job offers.
Research Companies
Do some digging into the companies you apply to. Find their official website and social media pages. Check to see if they have team members’ names and photos listed on their site, or if their employees are connected to their company page on LinkedIn.
Don’t Give Out Sensitive Information Online
Legitimate employers don’t ask for bank account information, credit card numbers, or Social Security numbers online. They only get this info from you after they’ve hired you. If a recruiter is pushing you to provide this information early in the application process, you should consider it a scam.
Don’t Pay to Get a Job
Honest employers don’t ask you to pay to get a job. If they ask for any kind of fee or payment during the application process, they’re trying to scam you.
Check Employer Review Sites
Look for the company on websites like Glassdoor or Indeed to see if there are reviews. These comments can sometimes let you know if the company is legitimate or running an employment scam.
Be a Little Cynical
A healthy dose of cynicism is needed when you’re searching for jobs. Mike Kiser says he’s naturally suspicious of strangers online. As far as he knows, no one has taken his money or committed credit card fraud on his accounts. It’s possible that he’s missed some professional opportunities as a result, but he’s also avoided scams.
The Future of Jobs, Job Scams, and Identity
We have realized that protecting our identity is our best defense against job scams and any other kind of scam. Standards are coming out to help us control the information about our identity and share it with others in a provable, cryptographically-signed way.
If you get a text or email from a random person, these standards should make that person prove they are who they say they are with a credential signed by a secondary authority. It’s one thing to be in person – you can pull out a driver’s license or another identity document to verify. Verifying and proving that authenticity in an online world will be key.
Identity is under attack.
Mike Kiser
This also gives us an opportunity for additional identity privacy. Without standards, once you give someone your identity data, who knows where it’s going? We don’t have control. Legislation like GDPR and CCPA have given us some control over our data, but they’re not perfect. These standards can help improve our privacy as well. They don’t necessarily solve the problem on their own, but there is great potential.
You don’t want to have your identity or personal data stolen over a fake job scam. Stay on the alert and watch for signs of employment fraud, especially if you’re seeking a job. To learn more about job scams, listen to our Easy Prey podcast episode featuring Mike Kiser. He’s a regular speaker at identity and cybersecurity conferences and a member of several standards groups. He does strategy work, helps establish internet identity standards, and develops working groups. Working with colleagues in the industry, he tries to make things better for people online. He also researches privacy and how people can protect themselves online.
You can connect with Mike Kiser personally on LinkedIn – just look for the hat. You can also find him on his personal website mikekiser.org, where he blogs occasionally. Just prove you’re real, and he’s always happy to talk.
Related Articles
- All
- Easy Prey Podcast
- General Topics
- Home Computing
- IP Addresses
- Networking Basics: Learn How Networks Work
- Online Privacy
- Online Safety
Passkey Security is the Future of Account Access
Phishing and account breaches have been a problem for years, and it’s not going away. In fact,…
[Read More]A Cybersecurity Framework for Protecting What Matters
The world of online threats is ever-changing. Sophisticated phishing, AI-powered attacks, and more are making it ever…
[Read More]There’s No Such Thing as a Safe Account
You get a call from your bank’s fraud department. There’s been fraud on your account – a…
[Read More]What to Do if a Loved One Lost Money to a Scammer
Scams and scammers are everywhere. Even if you haven’t personally been caught in a scam, you probably…
[Read More]Identity Crimes: Impact and Recovery
It’s not just identity theft anymore. Criminals have expanded to a whole range of identity crimes. And…
[Read More]How to Set (and Achieve) Good New Year Resolutions
It’s the time of year when people start thinking about New Year resolutions and making changes in…
[Read More]