Preventing Job Scams: Safeguarding Your Organization’s Reputation and Finances

Job Scamming: A Pandemic Within a Pandemic

Job scams have become a widespread issue during the pandemic, with operations growing into multimillion-dollar businesses that operate globally. According to a survey, 32% of job seekers have reported applying and even interviewing for fake jobs, 15% had their personal information stolen, and 9% admitted to losing money to scammers. In 2022, financial losses in the United States alone surpassed $367 million.

Scammers as Sophisticated Criminal Operations

Gabriel Friedlander, founder and CEO of Wizer Training, points out that job scammers operate like any other criminal business. However, instead of marketing products or services, their goal is to commit crimes. They utilize marketing techniques to send out scams, capture leads, convert them to opportunities, and ultimately exploit individuals or hack companies. By offering enticing prospects, scammers can deceive victims into falling for their schemes.

Risks to Companies and Brands

Job scams not only harm job seekers but also have severe consequences for company brands and the exposure of sensitive data. Roger Grimes, the data-driven defense evangelist at KnowBe4, highlights the creative tactics used by scammers to steal the credentials of real individuals and apply for jobs using legitimate-looking emails or portfolio URLs. These emails often contain malware hidden within resume attachments or links.

Fred House, senior director of detection research and operations at Trellix Advanced Research Center, highlights the agility and funding of scamming companies, which make it challenging for organizations to defend against them. Companies, especially Fortune 500 brands, are targeted even more due to their desirability and bigger opportunities for scammers to lure victims in.

Guarding Against Scams

Awareness, education, and training are crucial for human resources and security departments to protect against scams. Friedlander emphasizes the importance of conducting thorough background checks, especially when in-person meetings are not possible. Multiple forms of communication can be used to verify the legitimacy of an applicant.

Having a strong security posture is fundamental to staying safe. Companies must have sophisticated email security and utilize web proxies to analyze links clicked by users. Grimes suggests that companies should actively seek out and combat scams and put pressure on job sites and social media channels to take action against cybercriminals.

LinkedIn, in response to the rise in fraudulent activity, has implemented measures to detect and remove fake accounts swiftly. Companies should leverage their career page and social media platforms to educate job seekers about potential scams with specific do’s and don’ts. Outsourcing cybersecurity efforts may be a viable solution for companies lacking dedicated teams.

Protecting Reputation

Even if a company is not directly affected financially by job scams, its reputation can suffer. Nash advises company leadership to understand how their brand can be exploited and used for malicious purposes. Empathy towards victims is crucial, and HR departments and security teams should communicate that they take such incidents seriously.

The Future of Job Scams

According to Grimes, job scams have evolved over the past decade, and they are likely to continue to be a part of our societal fabric, akin to social engineering and phishing. Unfortunately, protecting ourselves from cybercrimes has become an unfortunate consequence of the internet age. As Friedlander points out, cyber risk is intangible, making it essential for people to be educated about the dangers lurking in the digital space.

It is crucial for individuals and organizations to be vigilant, proactive, and knowledgeable to mitigate the risks posed by job scams and protect personal and organizational security.