Newsletter

Job Posting Scam

A man holds Phone with LinkedIn application on the screen.
Urupong - stock.adobe.com

Job scams that target students are on the rise. As you may already know from reading our Scam of the Month posts, hackers can and will target you by impersonating a university employee looking to hire a student worker. Often, these scams will reach you via email or your cell phone number. When the hacker reaches out to you via their initial email, they typically insist you communicate with them through text. This tactic moves the conversation to a medium not managed by WashU making it more challenging for our infosec team to intervene and defend. It is important to remember that WashU will never engage with you through text for job opportunities, insist you buy your own equipment, or deliver a check to you to cash via email.

Like the scams targeting current students, cons targeting recent graduates and other people searching for a new job are on the rise, too. LinkedIn is a great networking site for professionals. It provides effortless communications, easy access to candidates interested in job postings, and a place for people to search for their next opportunity. The feed of jobs listed on LinkedIn is seemingly infinite. But among the many legitimate opportunities lie fraudulent job offers that could cost your time, your money, and your resources.

Callie Heim, 22, applied for what seemed to be an attractive job. But before she knew it, she had unwittingly engaged with a scammer posing as an HR representative for a tech company (Liu, 2022). She was guided through a short hiring process using a third-party messaging tool and was offered a seemingly great position. She was asked to purchase her equipment through the company’s portal, with the promise that she would be reimbursed (Liu, 2022). Fortunately for Callie, she became suspicious and sniffed out their scam before making any purchases. Whatever money she would have spent on equipment would have likely disappeared never to be seen again. In addition, Callie had given her bank account information to the hacker for direct deposit, but thankfully, upon recognizing she was being scammed, she alerted her financial institution before losing any money (Liu, 2022).  

This is just one of many stories in which people fall for a promising opportunity fabricated by a bad actor. If you are posting your resume online or applying to open positions, keep your eye out for the telltale signs of a job scam.

Always be diligent about the company to which you are applying. If a Google search results in a stock website or returns nothing at all, there is a strong possibility that the company does not exist. While many organizations of different sizes post positions on LinkedIn, it is a good idea to do some research before engaging with a company or recruiter.

Job postings that offer high pay with a vague job description are suspicious and warrant further examination before engaging. Generally, if it seems too good to be true, it probably is.

Some scammers put in the effort to create a website supporting phony job descriptions or they pretend to be a representative of a legitimate company. These scammers might communicate with you using their personal email address or a messenger app, as in Callie’s story. According to LinkedIn, “any legitimate recruiter, HR person, or hiring manager will contact you from a corporate account,” never from a personal email address (Clark, 2019).

You may get deeper into the hiring process before becoming suspicious. LinkedIn reports fraudulent jobs requiring new hires send money to “cover starting costs, fees, an initial investment, inventory,” and other arbitrary charges (Clark, 2019). A new employer will never insist you need to pay before working. In addition to that, you should never provide any routing numbers or information for direct deposit until you are hired, and you have met your employer in person. Even in the age of remote work, your employer “shouldn’t need your direct deposit information until you’ve shown up to your first day of work.” (Clark 2019). If they request this information before that, you should be skeptical of the company.

If you do fall victim to a scam like the one described here, take precautions to secure your information. First, determine what information you revealed during the hiring process. If you offered any routing information to your bank account, close that account. LinkedIn also recommends opening “new accounts with a new bank” (Clark, 2019). You should close any email accounts that you may have used to communicate with the hacker. If asked to provide your social security number in the hiring process, “order credit reports from all three major credit bureaus,” and continue to do this, “every three months. . .  to monitor them for unusual or unrecognized activity” (Clark, 2019). If fraudulent activity does occur, report it to the police. Finally, be sure to report the company, poster, and any other information you have to LinkedIn to prevent other people from becoming victims.

Searching for jobs can be exciting, scary, and overwhelming. Remember to stay calm and keep the tips above in mind throughout the process. If you ever see something unusual, be sure to reach out to InfoSec@wustl.edu for help! 

References

Clark, B. (2021, February 8). How to spot and avoid online job scams. LinkedIn. Retrieved January 6, 2023, from https://www.linkedin.com/pulse/how-spot-avoid-online-job-scams-biron-clark

Jljenniferliu. (2022, September 18). 22-year-old shares nightmare of getting scammed by a fake job: ‘I went from excited to devastated in a month’. CNBC. Retrieved January 6, 2023, from https://www.cnbc.com/2022/09/18/22-year-old-goes-viral-for-sharing-job-scam-nightmare-and-red-flags.html#:~:text=What%20to%20do%20if%20you,the%20FTC%20at%20IdentityTheft.gov.