The main element of this type of
activity is usually the online posting – by a fraudster – of a job listing for
a purported vacancy with a known and trusted company. These postings can be
made on websites, forums, social media, or even via the same legitimate
job-boards and agencies as may be used by the official organisation. The fake
postings may be fiendishly difficult to distinguish from legitimate ones, often
using the same wording and look-and-feel, and it may be the case that the only
indicator of non-legitimacy is the use of an unofficial contact e-mail address
or telephone number. These e-mail addresses may make use of
specially-registered, brand-specific (but non-official) domain names, or
accounts registered through webmail providers such as Gmail, Hotmail or Yahoo!.
Similarly, the contact telephone numbers used in these scams may also take a
variety of forms (including international numbers), but in many cases have the
format of regular domestic mobile-phone numbers, whilst actually connecting via
lines operated by virtually-untraceable satellite service providers. Frequently,
the job ad may also be accompanied by a fake website, making use of official
company branding.
The methodology behind the scam usually involves the applicant being asked for a sum of money, and/or the submission of personal details (such as a scanned image of a passport photo page), allegedly as part of the application process, but actually as a means of making money for the fraudster (i.e. a type of 'advance-fee fraud') or as part of an identity-theft attempt. In cases where victims have been scammed whilst believing they are dealing with a legitimate company – which may be either an employer or a recruitment agency – this can have serious detrimental effects on the organisation's reputation. Talking about the issue in 2014, a representative of Jobsite stated that 'the recruitment industry as a whole faces broad reputational damage'[2].
The methodology behind the scam usually involves the applicant being asked for a sum of money, and/or the submission of personal details (such as a scanned image of a passport photo page), allegedly as part of the application process, but actually as a means of making money for the fraudster (i.e. a type of 'advance-fee fraud') or as part of an identity-theft attempt. In cases where victims have been scammed whilst believing they are dealing with a legitimate company – which may be either an employer or a recruitment agency – this can have serious detrimental effects on the organisation's reputation. Talking about the issue in 2014, a representative of Jobsite stated that 'the recruitment industry as a whole faces broad reputational damage'[2].
Accordingly, it is crucial for companies
to have a strategy for carrying out online monitoring, in order to identify
instances of misuse of their brand names by fraudsters operating these types of
scam. Many brand-protection service providers will have a variety of tools to
assist with this type of detection, which may include 'spam traps' (to identify
instances of spam e-mails in which the purported job vacancies are being
advertised) and other tools to monitor online content, both on known sites
(such as social-media platforms and job boards) and generally across the
Internet (e.g. the detection of new domain registrations which may be used
fraudulently).
There are also a number of enforcement options available, once fraudulent content has been identified; the phone numbers and e-mail addresses used in these scams can often be deactivated via the sending of a notice to the appropriate service provider (if proof of fraud can be provided) and, in many cases, fake sites can be deactivated by sending a takedown instruction to the registrar or hosting provider in question.
A proactive programme of monitoring and enforcement can be vital to prevent the reputational and financial damage which can arise from a brand name being associated with a campaign of fake job advertisements. In addition, many companies will also post content on their own websites giving information on known scams, and outlining their legitimate recruitment procedures, as a way of raising awareness and protecting potential applicants.
There are also a number of enforcement options available, once fraudulent content has been identified; the phone numbers and e-mail addresses used in these scams can often be deactivated via the sending of a notice to the appropriate service provider (if proof of fraud can be provided) and, in many cases, fake sites can be deactivated by sending a takedown instruction to the registrar or hosting provider in question.
A proactive programme of monitoring and enforcement can be vital to prevent the reputational and financial damage which can arise from a brand name being associated with a campaign of fake job advertisements. In addition, many companies will also post content on their own websites giving information on known scams, and outlining their legitimate recruitment procedures, as a way of raising awareness and protecting potential applicants.
References
[2] http://www.recruitmentagencynow.com/we-were-alerted-to-a-profile-on-linkedin-which-turned-out-to-be-completely-unreal/
This article was first published as 'The rising risk of fake job advertising' on 25 July 2017 at:
http://www2.cipd.co.uk/pm/peoplemanagement/b/weblog/archive/2017/07/25/opinion-the-rising-risk-of-fake-job-advertising.aspxThis article was first published as 'The rising risk of fake job advertising' on 25 July 2017 at:
Also available at:
.jpg)
No comments:
Post a Comment