Lots of us grew accustomed to commute-free jobs during the pandemic and are hoping to find a way to continue to work from home. Scammers hoping to capitalize on that are taking elaborate measures — as far as fake interviews and background checks — to get people’s personal data and/or money.
Lilly Gallaher of Pleasant Valley, New York, applied for several jobs online last year. After a brief online interview process, she appeared to land a position with McKesson, a large distributor of pharmaceuticals and medical supplies. Gallaher was told she’d receive a check to cover her purchase of a computer workstation from its Venmo store. The procedure seemed odd, but she was reassured by the company’s size and reputation. Then the check bounced.
Another Venmo user noticed the transaction and let her know they’d been similarly scammed. When “McKesson” asked for her Social Security number, she refused to give it and reported the scam. Gallaher estimates she lost about $850.
According to the FBI, 16,879 people reported being victims of employment scams in 2020. Looking back, Gallaher says she ignored red flags because she felt assured by a known name and reputation. McKesson now has a “recruitment fraud alert” webpage warning about the scam.
How work-from-home interview scams hook victims
According to the FBI, the newest scams typically work like this:
- Criminals create a domain name similar in appearance to a legitimate company. They may add a space or flip a digit in the URL — a change so small it’s likely to be overlooked.
- Next they post job openings on job boards, directing applicants to the spoofed sites.
- People applying either on job boards or the fake sites get an email requesting an interview, which is conducted remotely.
- Applicants are told they got the job or are finalists.
After that, what happens can vary, but it tends to involve victims unwittingly revealing their Social Security and bank account numbers to criminals, losing money or unknowingly becoming involved in money laundering.
Know the signs
Job scams have long been a problem, but cloning websites and conducting fake online interviews is newer, says FBI Special Agent Jeanette Harper of El Paso, Texas.
Harper says college students and others with little experience with job interviews and offers are especially at risk.
To them, it may not seem odd to be asked for a driver’s license number early in the employment process or to be asked to pay for a background check. Other signs that could suggest a scam:
- Interviews conducted by teleconference using email addresses rather than phone numbers.
- Requirements that applicants purchase startup equipment from the company, sometimes specifying payment in the form of gift cards.
- Requests for bank or credit card information, or other sensitive personal information.
- Job postings that do not also appear on genuine company websites (type in the company URL yourself; don’t follow a link).
- Requests that you pay for lists of job openings before they are published.
- A request that you send money or packages overseas (it may be money laundering).
Even if you don’t hand over your Social Security number, your resume and list of references have value to an identity thief, says cybersecurity expert Adam Levin, host of the “What the Hack?” podcast and author of “Swiped: How to Protect Yourself in a World Full of Scammers, Phishers, and Identity Thieves.”
Bits of information are “tiles in the mosaic of your life that an identity thief needs to effectively present themselves as you.” Even if you figure out it’s a scam and don’t lose a penny, you can’t retrieve the information, Levin says.
Another hallmark of a scam is a higher-than-expected salary for a relatively low-skill job. Recently, a Reddit poster warned about a Facebook ad for “ramp attendant jobs” paying $40 an hour. The ad assures would-be applicants that the messages being exchanged are encrypted and 100% safe. The employer is supposedly “Breez Airlines.” (Breeze Airways actually does exist.)
“Bad actors have scoped out these companies,” Levin says. “So many companies make available who works there and the kind of employees they are looking for.” That means the name of the person sending you an email may well match an actual person at the company. A cloned website can make it even harder to tell if a job is legit. Your best bet is to call the company, using contact information you looked up yourself and were not provided, and ask HR to confirm the opening you are applying for before you share any information.
Getting an offer quickly should also make you suspicious, Levin says. An on-the-spot offer might mean you are a target, not a potential employee.
Finally: “Trust your gut and ask questions,” Harper advises. Don’t ignore the feeling that something’s not right.
What to do if you think you were scammed
Whether you are applying for online jobs or not, your best protection against identity theft is a credit freeze. If someone has your Social Security number, a credit freeze can help keep them from opening new credit accounts using your personal data.
If you have given out credit card or bank account information, contact the issuer or financial institution as quickly as you can. Ask how you can limit the danger, whether that’s getting an updated credit card number or opening a different bank account.
You should also report an online job scam to the FBI’s Internet Crime Complaint Center at ic3.gov. The more information you are able to provide, in terms of names, emails, texts and the like, the better.
Image from: 123rf.com
Image ID: 51883925