The so-called big quit is still going on as employees quit their jobs in hopes of finding a better one. It could mean less stress, fewer hours, more pay, or a chance to pursue their passion. Either way, the grass isn’t always greener and a new risk for job seekers has surfaced.
In Las Vegas last week, the Black Hat conference celebrated 25 years of events, an annual gathering of the nation’s top security researchers. Among the presenters were cybersecurity experts from PwC who warned that nation-state hackers were using attacks targeting job seekers. Malicious groups from Iran and North Korea are using email, social media and messaging apps to attract current employees in high-level positions. companies.
The scam involves malicious links that describe lucrative opportunities for remote workers. Click on the links and job seekers are redirected to fake websites that secretly install malware on their computers. Whether their ultimate goal is to steal money or identities, their scams have been dangerous and effective.
While many websites are lookalikes of well-known companies, PwC stakeholders also noted that a criminal group is using fake companies as bait. These websites use sophisticated AI-generated profiles to represent employees, including recruiters and trainers who match potential candidates.
Nowadays, it is difficult to distinguish the message of a real person from that generated by an AI program. Many legitimate companies are adopting AI software for their customer service operations with great success, and companies like Zendesk are already planning to expand into AI-powered sales and internal employee communications for their customers. It’s no surprise that hackers use similar technologies in their scams.
Job seekers can be especially likely to fall for an opportunity that seems almost too good to be true, especially if they’ve been looking for a while. The combination of hope and desperation makes it an attractive target. But how do you avoid falling prey to this type of scam?
The steps are really no different than those used for other types of scams. The most important thing to remember is that if it sounds too good to be true, it’s probably a scam. Curb your enthusiasm and take the following steps.
PwC presenters said the most common tactic is to send malicious attachments and links to their targets via email or text. Never open attachments from a sender you don’t know and be extra careful when you receive an attachment from someone you know. Emails are easy to spoof, so it’s best to contact the known sender to verify that the attachment is from them before clicking to download.
Likewise, you’ll want to check any links you see in job-related email and on job search websites. Hover over the link to make sure it’s the exact web address used by a particular business. If you are unsure, visit the company’s website through another tab by searching for that company’s name. These scammers often use a slight variation of a company’s URL to direct you to a malicious website.
You can also receive job applications as a text message on your phone, WhatsApp, Facebook, Twitter or any other application with a messaging function. Again, if you don’t know the sender, don’t respond, especially if the profile looks suspicious.
If you are a LinkedIn user, be extra careful when you receive messages from recruiters. Before responding, carefully review the sender’s profile and associated company profile, as well as the job description. If you detect unusual wording, misspellings, and grammatical errors, that’s a sign that it may not be from a legitimate source.
Review the recruiter’s work history. If previous positions do not match the current position in human resources, this may indicate a fake profile. If you receive a message from a recruiter, note the chat style. If it’s extremely casual, maybe with a simple “hey”, you can be pretty sure it’s not from a Fortune 500 company. If the message includes a short response time, it it is probably a scam. HR staff and recruiters don’t pressure prospects to respond or click a link within minutes.
Good job offers rarely come out of nowhere. Finding a new position that matches your qualifications is hard work – work that involves networking with friends and colleagues, following their leads, and submitting your resume to companies that have a matching opening.
Leslie Meredith has been writing about technology for over a decade. As a mother of four, value, usefulness, and online safety come first. Have a question? Email Leslie at [email protected]