Are ‘Phishing’ Scammers Shifting En Masse To Recruiting: How Deep? How Widespread?

Featured Guest Post by Gerry Crispin

“I want to raise an issue with the group here that is causing me increasing concern”, said the country [UK] head of recruiting for a global hotel chain to nearly 40 of his peers representing a dozen different industries at a London meeting last month. He went on to explain that “more and more people are showing up at our doorstep ready to start work. Unfortunately we have no record of ever selecting them…even if we had the openings to fill.”

It turns out that some of the individuals who believed themselves to be newly hired were initially contacted directly by emails claiming to have matched their profile with existing openings while others had simply responded to counterfeit ads- and very good counterfeits as the English was correct, the names & emails we’re carefully chosen and the web address to apply was a respectable imitation of the firm’s career site. The ads were placed by ‘recruiters’ representing different hotels in the chain on numerous legitimate job boards.

Resumes were accepted, emails exchanged and phone interviews conducted. An email offer including start date and address was the final hook with an explanation that an independent background check at the candidates expense ~$50 was the last hurdle. Not enough, given the distraction of the offer, to raise red flags….and, of course, a bad guy now had the credit card and pin number. As I looked around the room, heads were nodding, murmurs of “yes, same here” were being raised over and over. Nearly ¾ of the firms in the room had similar, and recent, examples. Adding up the estimates of the number of affected job seekers was shocking.

These were not small firms. Some of the most recognizable names in the world were present in that room and the problem was, in their estimation, more than an irritant, not yet out of control but growing rapidly. Reporting it was not helpful in garnering action from local, regional or national authorities as the amounts were too small (as reported). But, the potential impact for many of these firm’s employment brands downstream, if public awareness was heightened and solutions not found is deemed a serious prospect in addition to the individual impact multiplied many times.

Just imagine what a good visual an interview with someone minimally qualified for a job, desperate to work to feed their family, disappointed and depressed over learning the firm they had thought they were joining today had no record of them would be…while standing outside that firm. You wouldn’t want to hear that it is the 100th person to have found themselves in that situation but the firm hadn’t noticed because they hire so many and the incidents were spread over lots of facilities. Uh oh.

After returning from London I mentioned the conversation to a few other firms and, unbidden, I’m now getting examples of recruiting-related phishing emails, ads and websites from a variety of sources. While some stories have been in the press, the coverage of this issue has not been what I imagine it will be if its scope expands- especially if firms are aware and fail to take effective action. We tend to latch on to problems to be solved rather than problem solved.

In the next month I’m interested in interviewing employers willing to share their experience on the record and will also reach out and talk to job seekers taken in. If you know of any- especially affected employers trying to warn job seekers or better- take action in support of them, send me a note.

About the author: Gerry Crispin, SPHR is a life-long student of staffing and co-founder of CareerXroads, a firm devoted to peer-to-peer learning by sharing recruiting practices.

Originally published at RecruitingDaily

Comment by Glenn Gutmacher on November 8, 2013 at 1:48pm: I think all technical recruiters are familiar with the scenario of having a tech-savvy stand-in take the technical interview on behalf of the candidate, and then (surprise!) the employer is saddled with a hire who doesn't have the requisite technical skills. But this is worse, because the candidate is unaware they're doing anything wrong until they show up to start the job, and they're risking financial turmoil from identity theft and ongoing charges beyond the initial $50!

Comment by Matt Charney on November 8, 2013 at 1:57pm: Glenn: Thanks for the comment; appreciate your weighing in. Anyone who preys on job seekers as the source for a scam not only hurts the candidate and "company" they're fraudulently representing, but also the entire recruiting industry. I was doing an audit last week of the career sites of LinkedIn's Most In Demand Employers, and of the 100 on the list, probably a dozen of these had some sort of warning about recruitment fraud like the one captured in the screenshot above (Technip has a spot on that coveted list). So for all they've done to build a brand to attract top talent and actually drive them to their careers site, to see a warning like this sends an obvious red flag to any candidate applying. And as you know, with tech talent especially at a premium, any candidate who's burned by one of these schemes is unlikely to be responsible to real recruiters with really good opportunities - creating yet another obstacle in what's already an uphill struggle for anyone in talent acquisition. I think publicizing this epidemic is the first step towards stopping it, and stopping it is essential for the continued viability of online recruiting, sourcing and employer branding.

Comment by Keith D. Halperin on November 8, 2013 at 2:26pm: Thanks, Matt and Glenn. Does anyone have an idea how prevalent this is here in the US?

-kh

Comment by Gerry Crispin on November 8, 2013 at 9:52pm: That is the question Keith! We do need to answer it first.

If the incidence is low, we don't want to ring the chicken little bell so I think the first order is to get some sense of the scope. If Matt's note that ~12% of the 100 'most in demand employers' have a warning already in place is accurate, then we've got some indication of the scale and a place to start interviewing. I plan to survey about 250 firms that I know will answer my request to share...if they are aware. I also have about 20 employers who told me its happening who might be willing to dig up their specifics and go public (some will not or won't be allowed to). Glenn suggested separately that job boards ought to have a warning and I plan to share what I learn with the IAEW. We really don't know enough about the 'how' although I've got a few specific examples from firms of counterfeit job ads and emails from scammers representing themselves as an 'agent' of a job board that matched a job and profile. Suspect there are others but am blown away by the quality of the writing, patience and knowledge of each step. I'll work on getting permission to publish the examples I have.

Thanks for your interest. Also interested in innovative solutions that go beyond 'warnings'

Comment by Maureen Sharib on November 10, 2013 at 6:25am: Here was a telephone phish and was it ever good!

It's not recruiting related however; maybe there's a phishing incidence on the rise.

November 5 or 6 I get a call. It's automated. It says this it's our home mortgage holder and then asks if this is "Maureen Sharib or Robert middle initial Sharib. Press 1 to say yes or say yes."

I was busy and I vaguely recognized the name of the bank (Bob pays those bills and the mortgage had just changed hands in one of those govt approved switcheroo-mortgage-scams that are all in a class by themselves but we mere mortals aren't privy to the details to and yes, they seem to be on the rise again too!) and I said "yes."

It then tells me our mortgage payment is late and that it will pause while I "check my record and get my checkbook."

With that I woke up. Not only did I highly doubt our mortgage payment was late (I've never known Bob to be late on a payment!) but the fact that it wanted me to "get my checkbook" is what rang my bell.

However, I wonder how many others "ran" to get their checkbooks and obediently handed over routing numbers and account numbers!

Mortgages are public record and I imagine this new filing (the new bank took our mortgage over maybe a month or two ago) caught the attention of some phishing artists.

Taking this a step further I can also imagine foreclosure filings could be a lucrative phishing hole for scammers to ply their trade against those who have lost jobs so I can see where a scam like this could impact recruiting!

By the way when I pressed 0 to talk to someone live the line went haywire - it went to a fast busy signal which tells me, an experienced phone sourcer, that it's a line having trouble or it's an unassigned line.

In other words, I'm 100% sure out was a phishing call.

(Bob checked - our mortgage went out on auto pay just as it always does and was showing as paid.)

Comment by Gerry Crispin on November 10, 2013 at 1:58pm: I'm sending out a survey shortly in a newsletter I publish each month but anyone who has experienced a recruiting phishing scam is encouraged to take it.

Its only 5 quick questions and the results will get distributed to those who participate. It is also anonymous (although firms that can are encouraged to share). https://www.surveymonkey.com/s/DKSG55N

Comment by Keith D. Halperin on November 11, 2013 at 11:50am: Thanks, Gerry. Very interested.

I wonder why it has taken so long for this sort of thing to get noticed/ common? I would have thought that this would have been starting around 10-15 years ago, as the boards and internet recruiting became prevalent. I wonder how long until we start getting substantial numbers of phishing tweets and spoofed requests for FB Friendships, etc

At the risk of being "Mr. Gloom & Doom" again, I think it might be useful to have a group of white hat hackers/power users examine a new tool that's becoming popular, and see how it might be misused, so as to create ways of preventing or minimizing its misuse.

-kh

Comment by Tim Warson on November 12, 2013 at 12:33pm: This is terrible...the frustrating piece is how it reflects on our industry. It will be interesting to see if this affects the barriers to entry into our industry. It is also very sad to think of the people being taken advantage of.

I have to say, though, full-time recruiting seems like a lot of work for $50 and a credit card number...!

Comment by Gerry Crispin on November 12, 2013 at 12:51pm: Been around a long time Keith but the quality of the scams (text, graphics and concept) have improved 10x in the last couple years.

Comment by Keith D. Halperin on November 12, 2013 at 1:36pm: Hmmm. I wonder if the larger-scale criminal organizations have now (the last couple of years) become involved, and not just so a bunch of small-time crooks?

Comment