Have you ever seen a job posting that seems too good to be true?
Maybe the pay seems pretty high for minimal work or you’ve never even heard of the company.
Have you gotten a random, unsolicited job offer? Not sure why? Wondering whether or not it’s a scam? After all, it isn’t too often that you get a job offer without applying for anything.
More and more, we’re seeing big companies become the target of threat actors who pose as the company and send job offers with the hopes of either getting you to reveal personal information or to install software so they can access your computer.
When you’re hunting for a new job, the last thing you want is to have your personal information stolen and your finances at risk.
Here at Anderson Trucking Service (ATS), our cybersecurity team works closely with each department to ensure their information is secure and they know how to spot a phishing scam. We’ve been around since 1955, so we’ve seen our fair share of scams in the industry. We want potential job applicants and job hunters to know what to look for to spot these scams.
In this article, you’ll learn about nine red flags that warn of a job scam. You’ll also get tips for what to do if you suspect you’re a victim of a scam.
9 Signs of a Fake Job Ad
The FBI just warned of a scam of this magnitude: Threat actors will either ask you for personal information during a phone call (like banking information) or they’ll try to get you to install software on your computer (and the link is compromised). Both are tactics to steal personal and/or financial information to either steal your identity or your money.
There are a couple of different ways threat actors go about targeting unsuspecting victims. They may either create fake websites and start posting jobs, or they may try to mimic another company with the hopes you’ll mistake them for the actual company. They often scour real job postings and steal that information to try to trick you into thinking it’s the actual job.
We see this happen a lot with individuals who post they’re “open to work” on LinkedIn. Scammers target them with job offers closely related to their background or skills. Let’s say you used to be a web developer. You’ll suddenly start getting offers for developer jobs that you never applied for.
Be on the lookout for these nine red flags when you’re job hunting.
1) An Offer Without an Application
It’s almost unheard of to be offered a job without ever applying for it, especially if you have no connection whatsoever to the company. This in itself should be the biggest red flag.
2) Unprofessional Job Postings, Emails, or Direct Messages
When trying to spot a fake posting or a phishing attempt, cybersecurity professionals often advise their teams to look for anomalies, misspellings, awkward phrasing, and broken English within the text of the email or the job posting.
With artificial intelligence (AI) on the rise, spam emails are getting a little more difficult to spot. Threat actors simply use AI to craft emails without spelling errors. So, it may be a little more difficult to use this method to spot a phishing email, but it’s important to still be on the lookout.
When receiving direct messages on a social media platform such as LinkedIn, watch for shorthand writing. Legitimate recruiters, talent acquisition professionals, or hiring managers will reach out in a professional manner; they won’t use shorthand abbreviations such as “U” instead of “you.”
AI chatbots are becoming less expensive for threat actors to utilize. these tools can make direct messages feel legitimate, so be careful.
3) Lack of Company Information
If you get an unsolicited job offer or you see a job posting you’re interested in, you’re probably going to look up more information about the company, right? You’ll research when they were founded, what they have to offer, and what the culture and environment are like.
To do this, search for the company using your favorite search engine; do not click links in the email or direct message correspondence.
If you can’t find any company information, that’s a huge red flag. It may be a made-up company created for the purpose of posting fake jobs.
If you don’t see that they have any job postings that match the description of the one you were offered, that could be a red flag too. Or, the title of the job could match but the details might be far different.
Keep in mind: Some threat actors research the company and copy legitimate job postings, so this shouldn’t be your only indicator of whether or not the company is fake. Look for additional red flags (mentioned in this article).
4) Fishy Email Address
If you’ve received an unsolicited job prospect email, pay attention to the sending address. Does it come from the organization’s web address or maybe a staffing agency? Or is it a random, generic email address?
An email address with nonsensical letters or an email coming from a Yahoo or Hotmail address is a red flag. People don’t typically send emails from these accounts for professional purposes, and an address with random, nonsensical letters is a dead giveaway that something is fishy.
A legitimate email most often comes from someone within the company, so their email address should match the official company domain or a reputable staffing agency.
5) Unrealistic Pay or Opportunity
If the job looks too good to be true, it probably is. These scams mostly seem to target remote or work-from-home jobs. They’ll promise a large salary for minimal work required or very few hours. If you see this, alarm bells should be sounding in your mind.
Threat actors may also offer jobs to those who aren’t qualified for them. Let’s say you’re a recent college graduate but you’re being offered a senior engineering position. In that case, we’re sorry to say but it’s too good to be true.
6) You’re Asked for Confidential Information
You should never be asked for personal information from an employer prior to the acceptance of a legitimate offer.
Any information collected for a legitimate opportunity will come from your resume and the organization’s application process.
Your personal information should not be disclosed via direct message or email. If an application is sent to be filled out, do your research to verify the legitimacy of the job opportunity before opening an attachment or clicking on any links. Find the organization’s website which should contain the instructions to apply for any legitimate openings.
7) The Remote Job Is Urgent
Any job that’s urgent and requires your immediate response to either accept an interview or a job offer is sketchy.
Urgency is a red flag; it’s designed to cause panic. They want you to act quickly before you analyze the email or posting and realize it’s a scam.
No job should be so urgent that you need to have a response immediately.
8) You’re Asked to Pay for Something
In the process of interviewing for a job, you should never have to pay for anything. Any financial discussions that involve you sending money to them should be shut down immediately. A job interview or offer should never be contingent on you paying for any materials, product, or software.
9) You’re Asked to Install Something
If the company asks you to install software, don’t. In fact, if you’re nervous about the email/sender, don’t click on any of the links they send you.
If the threat actors can get you to install something on your computer, they can use that to access your banking passwords or otherwise get into your financial accounts. A lot of damage can be done if they install something onto your computer.
This differs from a company requesting to meet with you via Zoom (or something similar) and requiring you to download the software. You can install that from the official website; you don’t need to do it using a link they send you.
Spotted a Fake Job Listing?
Use your intuition when looking at job listings. If it seems fishy, it probably is. Examine the listing or email closely and ask for a second opinion if you need to.
You can also utilize these techniques to check the legitimacy of a listing.
Independently Check the Links
Hover your mouse over links in a suspicious email (without clicking) to see the true destination. If the link preview doesn’t display the official website for the company, then don’t click on the links in the suspicious email or posting.
The links could be compromised. Instead, find the website on your own through a web browser and try to find the webpage or type out the web address. From there, determine if the site seems fake or newly created.
Call Their Office
Research the company to find the number for their human resources or recruiting department. Ask to speak about the position to determine if it’s legitimate.
If the listing is fake, the number listed will call the threat actor who will confirm the listing is legitimate so they can continue with their scam
Check How Long Their Website Has Been Live
There are tools you can use to determine how long a company has been around or how long its website has been live. For instance, you can visit the website Whois.com and search for the domain to see how long it has been registered. If it’s only been a month or two, it’s probably a scam. They likely created the site to try to legitimize their scam.
While you’re at it, vet the company by researching for reviews on Google and social platforms. Have other people worked for them? What are they saying about the company?
Protect Yourself from Fake Job Posts
Spotting and avoiding fake job listings requires vigilance and a healthy dose of skepticism. Remember, if something feels off, it probably is. Here’s a quick recap of what to watch out for:
- Unsolicited Offers: If you didn’t apply for it, be wary.
- Unprofessional Communication: Watch for errors and odd phrasing.
- Lack of Company Information: If you can’t find them online, it’s suspicious.
- Fishy Email Addresses: Legit companies use professional email domains.
- Unrealistic Pay: If it’s too good to be true, it likely is.
- Confidential Information Requests: Legit companies don’t ask for this upfront.
- Urgent Jobs: Real jobs won’t demand immediate action.
- Paying for the Job: Never send money to potential employers.
- Software Installation Requests: Don’t install anything from a suspicious source.
If you come across a suspicious job listing, take these steps:
- Independently Check Links: Visit the company’s website directly.
- Call Their Office: Use a verified number to inquire about the job.
- Check Website Longevity: Use tools like Whois.com to see how long the site has been live.
At ATS, we prioritize your safety and security. Our team is always ready to help and ensure that your job search is safe and successful. Stay alert, trust your instincts, and protect your personal information.
And if you’re looking for legitimate ATS job posts, you can find them right here.
Happy job hunting!