publishing date icon
January 13, 2022
read time icon
5 min. read

Recruitment Scams: The hacker ate my homework!

Attackers usually have to do their own homework to pull off a credential harvesting campaign. Make sure you don’t do their homework for them as we’re seeing happen with an uptick in recruitment scams!

Author image
Jon Gellin
Threat Analyst
facebook iconLinkedin iconTwitter icon
Post hero image

Employee turnover is at an all time high in nearly every industry due to a wide range of factors, with the ongoing global pandemic being a chief driver of them. For a recruitment scammer, this is like reliving the gold rush.

Recruitment scams, sometimes also called employment fraud, happen when a malicious actor claims to be a recruiting agent for a job that does not really exist. These types of fraudulent job offers can be found all around the internet; they could be posted on recruitment sites, advertised on social media, or sent via email.

By offering a good salary, nice benefits, and a flexible work environment, malicious actors gain easy access to vast amounts of personal information unwittingly sent from job seekers, which in itself can be used for more targeted phishing campaigns or identity theft.

Unfortunately, many job seekers are desperate for a job, and therefore easily manipulated by malicious actors using social engineering techniques.

Recent recruitment scam campaign example

In one fraudulent recruitment campaign we’ve identified, the malicious actors are posing as a newly founded United States subsidiary of a large European energy company. The job offers are advertised via email and text messages.

Should one apply to this job, a homework assignment is given to increase the legitimacy of the process.  

With that out of the way, we’re moving to the paperwork section of the process. Here, the malicious actors have a great opportunity to request in-depth information such as social security numbers, banking information, tax information, and other personal information. You already did the homework assignment, so why stop now?


At this point the scam can continue in a few ways. Usually, all contact is dropped as the malicious actors have already stolen so much valuable information. However, another oft-used technique is to make the job seeker pay for supplies or administration fees before starting work. Depending on the position advertised, these can be disguised as fees for software, time tracking devices, or other work equipment.  


Staying Off The Hook

Staying safe from these types of scams can be quite tricky when hurriedly sending out multiple applications. Sometimes these fraudulent job offers find their way even to the most trustworthy recruiting sites.

  • Don’t respond to any job offers sent from free email services. Instead, verify that the domain used for sending the email is legitimate and owned by the company in question.
  • Ask lots of questions. If the recruiter is being evasive or fails to answer your questions, this is a sign that something is not right.
  • A recruiter's job is to ensure that you’re a good fit for the company and the team that is hiring. If there is no interview, chances are that it is a scam.
  • If the salary and benefits are way above average for that type of position, something fishy is usually going on. If it’s too good to be true, it probably isn’t.
  • Check the company’s own website or LinkedIn profile to verify that they indeed are hiring. Most companies post their job offers in many different places, which you can use to verify the legitimacy of an offer.

Hoxhunt response

Our Threat Analysis Team examines tens of thousands of reported phishing emails, including ones like these, a week–and have captured tens of millions of threats to date. Working together with our powerful machine learning model, they cluster the threats, rate them, and incorporate the nasty ones into our training simulations in real time to ensure our training stays at the cutting edge of the constantly-evolving threat landscape. Hoxhunt users are thus drilled on spotting and reporting the latest actual threats making the rounds, removing potentially catastrophic threats from your system with every push of the Hoxhunt reporting button. Read more to learn how to equip your employees with the awareness training that will protect your company from phishing scams.


Subscribe to our newsletter