While the digital age makes job-seeking easier, we often have to share personal information to give ourselves the best chance of landing a new role.
There are plenty of movers and shakers at this time of year, with people looking to give their career a spring clean before the employment market quietens in the summer.
Whether we are communicating with job sites, recruiters or employers, most of the contact is online, leaving us open to cybersecurity threats and unscrupulous scammers.
Employment fraud is a growing problem in the UK and is now the fifth most common type of fraud. Many of the scams are very sophisticated, with rogue recruiters, LinkedIn bots and even fake jobs around to tempt unwary candidates into parting with their money or data.
Marijus Briedis, cybersecurity expert at NordVPN, shares some top tips to make sure you are not the ideal candidate for employment scams.
Phishing for trouble
“Phishing is one of the most common methods of employment fraud. Hackers will try to trick you into giving them personal details, such as passwords or financial information by posing as trustworthy people or organisations to lure would-be applicants.
“You may be duped even before you have applied for a job. Emails which appear to come from reputable websites such as Indeed or Glassdoor may not be what they seem, and last year LinkedIn revealed they had identified over 21 million fake accounts in six months, suggesting 1 in 40 users were bots.
“Check the email address of the sender to see if it appears legitimate and scan the message for poor spelling and grammar, which could highlight a hacker is behind it.
“The emails will often be worded to tempt you into clicking on a link or downloading an attachment that contains malware or spyware, which can give them access to your computer or phone.
“Be cautious about engaging with anyone that is using a personalised email account like Yahoo or Hotmail. Unless the company is very small, a sender not using a corporate email address should send alarm bells ringing.”
Does the job even exist?
“Cybercriminals posing as recruiters may post fake job adverts on LinkedIn, perhaps even for a legitimate or well-known company. Victims will then later find out that this job was simply a bait to steal their identity, with skilled scammers able to plunder Social Security numbers, contact information or even bank details before vanishing into thin air.
“Do your research on their company before arranging any follow-up calls and try to confirm independently that any job mentioned exists.”
“If you’re contacted by a recruiter and they seem more keen to ask you about your personal data, rather than your aspirations or available roles, this is one opportunity you can safely turn down.
An (il)legitimate offer
“When you receive a tempting job offer it’s tempting to rush to accept, but this is a time you need to be on your guard for any issues or potential scams. As well as checking the hiring company’s website, if you have not previously been in contact with the person offering you the job, do a thorough check online to make sure they are an official employee.
“For added peace of mind, you can also contact the organisation directly to confirm that the offer is genuine.
“Once you have been offered a job, there are some immediate red flags to look for. Before long any scammer is likely to ask you for financial information, the most common excuse being so you can be set up on an employer’s payroll system. They might also claim that a small administration fee is common for new employees, especially if the job in question is abroad.
“Remote working is now commonplace across the UK but has the potential to make you a target for fraud. Like many employees you could be asked to start work on the basis that you receive a paycheck at the end of the month. However, where the scam comes in is that during the first month you will be asked to buy upfront the equipment or software in order to fulfill the needs of your new job. And while those payments will go to the scammer, that equipment — and those paychecks — may never arrive.
“Don’t give away any details until you are positive that it is safe to do so and make sure you use a trusted platform to send them on, so you don’t leave yourself open to hackers.”
What to do if you think you have been scammed
Do not suffer in silence
“If you have any suspicion that you have been a victim of recruitment and employment fraud the best thing to do is to report it. Sadly such fraud attempts are common so there is nothing to feel embarrassed about, and keeping quiet will only help scammers prosper by targeting others.
“Phishing emails should be forwarded to Action Fraud so that they can see the latest tactics being used and issue a warning.
“If emails or messages appear to be coming from a reputable company, you can let them know that fraudsters are trading on their name, which may prompt them to alert their staff and customers. If the fraud attempt is happening on social media, such as a LinkedIn message, report the sender as a spam user.”
Alert your bank
“If you have been persuaded into revealing financial information, or have agreed to transfer money or pay for fake services, you need to alert your bank immediately.
“They will be able to advise you on the next steps, including changing details which have been compromised.
“If you paid for something through a credit card, your bank may be able to retrieve the lost money, or act on your behalf to try and secure compensation for the crime.”
“The easiest way to protect yourself from fraud when searching for a job is by taking proactive steps to keep scammers at bay.
“Many phishing attacks work through sheer weight of numbers, so use spam filters on your email accounts to filter out the bulk of suspicious emails so any that slip through the net should be easier to identify.
“You can use additional software such as anti-virus protection to detect whether you have clicked on a suspicious link. Features like Threat Protection feature can also help to keep you safe when browsing and protect you from malware. It works by scanning files when downloading them and can block malicious content before it reaches your device.”
Amelia Brand is the Editor for HRreview, and host of the HR in Review podcast series. With a Master’s degree in Legal and Political Theory, her particular interests within HR include employment law, DE&I, and wellbeing within the workplace. Prior to working with HRreview, Amelia was Sub-Editor of a magazine, and Editor of the Environmental Justice Project at the University College London, writing and overseeing articles into UCL’s weekly newsletter. Her previous academic work has focused on philosophy, politics and law, with a special focus on how artificial intelligence will feature in the future.