How to Protect Job Seekers from Rising Employment Scams
Check out a few strategies to protect yourself from employment scams.
Employment scams are on the rise, and job seekers must be able to confirm that every company they are applying to and that the individual they are interviewing with is legitimate, says Bala Kumar, CPO of Jumio.
As laid-off workers scramble to find new jobs amid a potential recession, they have one more worry to add to their list — fraudulent job opportunities. Scammers have created fake job postings for legitimate employers that link back to fake company websites. Some job seekers have reported undergoing interviews via chat on instant messaging platforms, while others have even conducted interviews with fraudulent recruiters via audio and video calls. Once the candidate accepts the offer, the scammer asks for personal information, like bank account or Social Security numbers, or asks the eager “new employee” to pay upfront for work equipment.
Fake job opportunities aren’t a brand-new concept. Just a few months ago, the FBI issued a warning alerting enterprises of hackers using digitally manipulated media, known as deepfakes, and stolen personally identifiable information (PII) to apply for remote job positions. Numerous reports have also been of hackers impersonating executives on video calls to scam employees into transferring data or money.
Gone are the days of in-person interviews where applicants don’t have to second-guess whether the recruiter they are in contact with is who they say they are. With many companies now permanently remote, job seekers may find it difficult to confirm that the company they are applying to and the individuals they are interviewing with are indeed legitimate.
Sophisticated Job Scams are Causing Big Losses
It’s no secret that scammers have become far more advanced in recent years, with new tools now available at their fingertips. Technology advancements have enabled them to conduct mass-automated cyberattacks at scale, taking cybercrime to a new level. Using technologies such as AI and machine learning, scammers can now generate highly realistic audio and visual deepfakes of people that mimic actual human characteristics. Cybercriminals have also benefited from AI-powered bots like ChatGPT that can respond intelligently to almost any inquiry and carry entire conversations. Thus, it’s possible that many candidates aren’t communicating with a human but rather with a highly sophisticated bot.
Fraudsters have seen massive success in using these creative tools and techniques. The number of job-related scams reported to the Federal Trade Commission tripled from 2019 to 2021, with American workers reporting over $200 million in losses. In addition to immediate financial losses, consumers that have shared their details in employment scams are also susceptible to identity theft, in which scammers can open bank accounts and credit cards under their name to further their fraud. This type of activity could take years to detect and resolve. As employment-related job scams continue escalating, career networking sites, video conferencing platforms, and other online organizations must take immediate action to halt this epidemic.
See More: Sandboxing Link Isolation a Powerful Solution to Neutralize Malicious URLs
Lax Cybersecurity Methods are No Match for Sophisticated Fraudsters
While fraudsters are busy at work, many networking sites haven’t followed cybersecurity best practices. For many websites, all that is needed to create an account is a simple email address and password, with no other form of verification required. This means anyone can create an account, sign in with stolen or fake information, and assume another identity.
A Modern Approach to ID Verification
Document-centric identity proofing is a great alternative to the traditional credential-based authentication approach, as it can accurately verify user identity and drastically reduce the number of fraudsters and bots operating on online platforms. Users get prompted to upload a picture of their government-issued ID and a corroborating selfie taken through their phone or webcam during account creation. The system then compares the selfie to the ID using face-based biometric authentication and AI to confirm they match. From there, the user will be asked to take a new selfie after every subsequent login to ensure their identity matches the original selfie taken during account creation.
In addition to verifying user identity, organizations must also assess each user’s business risk to ensure they do not have a history of fraud. Businesses can use numerous risk signals, such as checking their email address, device, and phone number, to confirm whether or not they have been previously involved in fraudulent activity. Ongoing risk monitoring can help businesses trust their users while providing users with the assurance that they are being protected.
These measures enable customers to obtain a complete view of their users and their risk profiles by triangulating the validity of their government-issued IDs, the verification of the identity information on that ID, and the risk of the phone, device, or email associated with the ID, and running everything against additional data sources. Undergoing all these steps may seem like a lengthy and time-consuming process, but there are identity verification platforms that consolidate every task into a single, unified solution. An integrated platform will significantly reduce fraud and provide users with a frictionless experience.
Cybersecurity Best Practices for Job Seekers
While online businesses must be well-equipped to catch scammers before they can use their platforms, applicants must also do their due diligence by investigating the job postings they are considering. Here are a few tips for job seekers to better identify whether the job they are applying for or interviewing for is legitimate:
- Even when a well-known company posts a job on a reputable job site, job seekers must cross-reference the company’s official website to ensure the listing also appears there. They should be extra cautious of any alterations to the website domain name and other website discrepancies, such as grammatical and informative errors.
- Candidates should only accept a job offer after a legitimate interview, whether in-person or through a web-conferencing platform. They must also conduct a thorough online investigation of the individuals they are interviewing with.
- Job seekers should only share personal data after accepting a job offer and consistently report any instances where they are asked for payment information.
The Future of Job Scams
Employment scams have been around for years and will only continue to evolve with the latest automated technologies. This is particularly true in a time of economic uncertainty, where cybercriminals know that vulnerable job seekers are often the first to bite when it comes to a new financial opportunity. A sophisticated scam may not always be the easiest to spot, but mitigation is possible with the most up-to-date technology and user awareness.
Do you think job seekers can be protected from cyber criminals as the hiring season opens? How? Let us know on Facebook, Twitter, and LinkedIn. We’d love to hear from you!
Image Source: Shutterstock
MORE ON SCAMS:
