Most often it’s requiring upfront fees for supposed background or credit checks, training or supplies. After paying, applicants are told they didn’t get the job — if they hear anything at all. Fraudsters seek your birth date, Social Security number or other sensitive info (that shouldn’t be on your résumé) for possible identity theft. Or, after “hiring” you with no face-to-face interview, they request your bank account number, for alleged direct deposit of paychecks.
The latest ruse: Con artists are posing as recruiters on the popular employment social network LinkedIn. It’s a convincing scheme because legitimate recruiters use LinkedIn to contact, out of the blue, potential job seekers among the website’s 400 million members.
“Using these fake LinkedIn accounts, scammers are able to establish a sense of credibility among professionals in order to initiate further connections,” reports security software manufacturer Symantec (maker of Norton products). The goal is to get contact information for you and those in your business network — “including personal and professional email addresses as well as phone numbers” — which can be used for spear-phishing emails.
Unlike “regular” phishing — general “Dear Customer” correspondence sent en masse (with hopes that a tiny fraction of recipients respond) — spear phishing is specific, including your name and other personal details for more convincing emails. In such a message, con artists may pose as a credit card company and ask for your account number, or they may devise other ruses to glean data worthy of identity theft.
Noting LinkedIn as “a prime target for scammers looking to connect with professionals,” this month’s Symantec report follows others by cybersecurity experts at F-Secure and Dell SecureWorks. So if you’re a LinkedIn member who gets “recruited,” take it with a grain of salt and know that, at least for now, scam-centric fake accounts follow a specific pattern (and can be reported to LinkedIn).
- They primarily use photos of women pulled from stock image sites or stolen from legit LinkedIn profiles or other social networks.
- They copy text from profiles of real professionals. To check this, copy and paste a section of text into a search engine to see where else it appears, and from whom.
- Commonly used key words include “Reservoir Engineer,” “Exploration Manager” and “Cargo Securement Training,” notes Symantec. Fake recruiter accounts also typically pitch jobs in logistics and the oil and gas industries.
For information about other scams, sign up for the Fraud Watch Network . You’ll receive free email alerts with tips and resources to help you spot and avoid identity theft and fraud, and gain access to a network of experts, law enforcement and people in your community who will keep you up to date on the latest scams in your area.
Also of Interest
- New twist to the tech support scam
- 10 tax moves to consider now
- Over 50 and looking for a job? BACK TO WORK 50+ can help.
- Join AARP: savings, resources and news for your well-being
See the AARP home page for deals, savings tips, trivia and more.