Resources

Article

4 common recruitment scams and how to protect yourself

Article

4 common recruitment scams and how to protect yourself

Article

4 common recruitment scams and how to protect yourself

Security

Article

4 common recruitment scams and how to protect yourself

Security

A version of this article was originally published on the Visma | ProActive blog (in Dutch).

Picture this: Andrew is currently looking for a new job. One day, a recruiter on LinkedIn sends him a message and makes a very tempting (and very realistic) job offer. The recruiter seems like a professional, so Andrew agrees to get in touch via email. The recruiter sends Andrew more information from a personal Gmail address, including a link to his future employer’s website. The recruiter also asks for a small advance for training materials, and his bank details and social security number to set up an employee profile.

The advance isn’t that inconvenient, so Andrew agrees. Of course, his future employer needs his bank details to transfer his salary, so again, he agrees. And then everything goes silent. His money and data are gone.

And Andrew is left wondering: How did I not see that coming? What should I have done differently?

This type of situation is, unfortunately, becoming all too common.

Recruitment fraud is on the rise

Cybercriminals use all kinds of techniques to steal money and/or data. And, unfortunately, recruitment fraud is on the rise. In 2023, the Cyber Helpline reported a 286% increase in the number of recruitment scams over the previous year. So what does recruitment fraud look like? And how can you protect yourself?

To start, it’s good to know the four most common recruitment scams that cybersecurity teams see today:

  1. Fake recruiters approach job applicants to steal money
  2. Fake recruiters approach job applicants to steal personal information
  3. Fake job openings
  4. Fake websites that get your resume “to the top of the pile”

Let’s break down each of these scams so you know what to look out for. And then we’ll give you some practical tips for how to not fall for them.

Three colleagues chatting near a window

Scam 1: Fake recruiters approach job applicants to steal money

Three of the common things cybercriminals will ask for money for is training materials, work permits, or insurance. Sometimes they’ll even ask for advances for computers and other devices needed to do your job. A payment request usually comes via email outside of LinkedIn, so the fraud goes unnoticed on that platform and can keep going.

Scam 2: Fake recruiters approach job applicants to steal personal information

Cybercriminals could also steal your money indirectly by abusing your data. This could be anything from serious forms of identity theft to smaller things like purchasing a phone in your name. Either way, they are using your personal information illegally and at your expense.

Scam 3: Fake job openings

Creating fake job openings isn’t anything new, sadly. Several examples are known where data from applicants is abused or where applicants are even hired for a job that doesn’t actually exist. Cybercriminals use this type of fraud to get your data for identity theft.

Scam 4: Fake websites that get your resume “to the top of the pile”

You’ve probably heard of websites that promise to “put your resume at the top of the pile”. And when you’re three months into a job search, that sounds really appealing, right? Cybercriminals use fake websites that promise to alter an applicant’s resume to bypass recruitment software. For a price, of course. Please keep in mind that alterations like this do not exist whatsoever. It’s just a clever way to steal your personal information.

Man working on laptop

How to spot fake recruiters

Recognising fake recruiters is becoming increasingly difficult. Platforms like LinkedIn are doing their best to warn users how to spot scams. But one of the most important things you can do is always trust your gut. If something feels off, don’t engage further with that person and report them. If you’re still not sure, ask yourself:

  • Is someone contacting me about a very generic job opportunity?
  • Does the recruiter want to switch from LinkedIn to email or WhatsApp quickly?
  • Does the recruiter’s email address look strange: @gmail instead of @companyname for example, or does it include typos?
  • Does the recruiter quickly want me to transfer money, stressing its importance and urgency?

If any of these answers are yes, it’s most likely a scam.

Infographic: How to spot a fake recruiter

We encourage you to SAVE and SHARE with your network to help spread the word.

How to prevent your data from being stolen

To prevent cybercriminals from stealing your data, you have to stay vigilant. Only put absolutely necessary (contact) information on your resume. And periodically check if your information is on haveibeenpwned.com to see whether your data has been leaked.

NB! If you find a site that checks for leaks but it asks for your password, DO NOT enter your password. Legitimate sites won’t ask for it.

Never send money to a future employer

We cannot stress this enough: Money requests from future employees are unheard of. Even if they promise to reimburse you, this is always a huge red flag. Never agree to send money in advance to a future employer.

“Honest employers will never ask you to pay upfront fees for a job or for equipment. And they won’t ask you to pay them using cash, Zelle or PayPal.” – Federal Trade Commission

Before applying for a job

Make sure you do research outside of LinkedIn. Google the company to make sure it actually exists. And then check their job listings page to ensure the job you’re applying for is listed. If you can’t find much information about the company or the job listing anywhere other than LinkedIn, it could be a scam.

Before providing personal information

Ask the company what they need your information for exactly. They are required by law to tell you why they are collecting personal data and how it will be used. Only when you’re comfortable with their answer, and certain your data will be protected, should you give out details like your home address, bank details, and SSN.

Man and woman colleagues chatting at cafeteria table

How to report a scam

If you receive a scam message on LinkedIn, file a report with their support team. If you have been scammed, please notify your local law enforcement.

Remember, your awareness and informed decisions are powerful tools in the fight against cyber threats. By staying one step ahead, you not only protect yourself but contribute to building a safer online job-seeking environment for everyone.

Related content