{"id":18198,"date":"2022-02-04T06:10:04","date_gmt":"2022-02-04T14:10:04","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2022\/02\/04\/news-11931\/"},"modified":"2022-02-04T06:10:04","modified_gmt":"2022-02-04T14:10:04","slug":"news-11931","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2022\/02\/04\/news-11931\/","title":{"rendered":"FBI warns of bogus job postings on recruitment sites"},"content":{"rendered":"

Credit to Author: Christopher Boyd| Date: Fri, 04 Feb 2022 13:09:36 +0000<\/strong><\/p>\n

Before Christmas was a busy time<\/a> down at the fake job factory, with all manner of dubious antics out to ruin someone\u2019s day. We\u2019re now info February and the bogus job offers show no sign of abating. In fact, the FBI considers it to be such a problem that it’s issued an alert<\/a>. This isn\u2019t your typical warning about plain old fake job postings, or random messages sent via services like WhatsApp or Telegram though.<\/p>\n

This one involves a dash of the old website exploitation.<\/p>\n

Sounding the alarm<\/h3>\n

The alert begins as follows:<\/p>\n

\n

Malicious actors\u2026continue to exploit security weaknesses on job recruitment websites to post fraudulent job postings in order to trick applicants into providing personal information or money. These scammers lend credibility to their scheme by using legitimate information to imitate businesses, threatening reputational harm for the business and financial loss for the job seeker.<\/em><\/p>\n

Since early 2019, the average reported loss from this scheme is nearly $3,000 per victim, and many victims have also reported that the scheme negatively affected their credit scores.<\/em><\/p>\n<\/blockquote>\n

So, we have a scheme that\u2019s been ticking along for a couple years. It\u2019s also fairly profitable for whoever is pulling the strings.<\/p>\n

How do these attacks work?<\/h3>\n

The FBI doesn\u2019t go into detail as to how sites being referenced are exploited. They instead mention that the scammers go in for a variety of tactics. Some of their fake ads are posted to commonly-used employment-oriented networking portals. Others are a bit sneakier, being posted to \u201cofficial company pages\u201d due to the \u201clack of strong security verification standards on one recruitment website\u201d.<\/p>\n

This had an impact on both potential victims and the organisations being spoofed. It seems it was hard for the latter to tell which postings were genuine too. This is definitely not what you need when sifting through potential job opportunities. The FBI notes that they also replicated existing, legitimate postings, altered contact information, and sent them out into the wild too. All in all, a tangled mess of lurking menaces waiting to strike.<\/p>\n

The scam gets underway<\/h3>\n

The links posted on the ads take would-be hires away from the job site(s). What they land on is a fake site sporting bogus contact details and phone numbers operated by fraudsters. Wary of people doing some digging to ensure the legitimacy of the posting, they also use contact details of genuine employees. Those details are likely harvested beforehand from sites like Linkedin, or even just browsing the company\u2019s website or other directories.<\/p>\n

Again, the FBI don\u2019t go into specifics with regard to how money is extracted from victims. The most common methods used in these scams is to wire money to fraudsters. It might be a regular wire, or they may ask them to make cryptocurrency payments. These are usually accompanied by an explanation about paying for office equipment or other expenses, with the promise to send the money back to jobseekers once everything is set up. Of course, this doesn\u2019t happen.<\/p>\n

Considering the impact on businesses<\/h3>\n

It isn\u2019t just the jobseekers at risk from these tactics. As the FBI notes, there\u2019s the possibility of reputation damage to consider for the organisations being spoofed. It\u2019s quite possible people caught by these scams will post negative reviews or comments in relation to the unwitting businesses being impersonate. This isn\u2019t a straightforward problem to resolve, and before long half a dozen sites could be full of bad reviews, negative replies. These kind of things can spread rapidly.<\/p>\n

Tips to avoid being stung<\/h3>\n

The FBI has listed a number of hints to try and keep job hunters safe:<\/p>\n