At first, the job seekers didn’t notice anything out of the ordinary. One spotted a post on ZipRecruiter for a position at J.P. Morgan, another submitted an application on LinkedIn for a vice president of marketing role at a tech startup, and a third got an email from a recruiter about a high-level position at an outdoor clothing company.
But there were no employers on the other end. Instead, these listings were driven by increasingly innovative scammers using complex schemes to lure job seekers into a range of financial traps as a growing number of Americans struggle to find work.
It’s a new wave of scams that goes beyond the poorly worded text messages that took off during the pandemic, offering remote work for pay that seemed too good to be true. Now, scammers are posting jobs nearly indistinguishable from legitimate listings, some appearing on trusted websites, like LinkedIn or ZipRecruiter, or coming from spoofed or hacked email addresses of recruiters, according to interviews with more than 20 job seekers, cybersecurity experts and executives of hiring websites. That’s left even highly educated and tech-savvy job hunters at risk.
“These fakes look so real and so legitimate, it’s almost impossible for would-be job seekers to tell the difference,” said Eva Velasquez, CEO of the Identity Theft Resource Center, a nonprofit that helps identity theft victims.
For more on this story, watch “Hallie Jackson NOW” on NBC News NOW at 5 p.m. ET.
Often, the end goal of a phony job posting is to lure applicants into handing over sensitive personal information, like a Social Security number for employment verification or a bank account for direct deposit. Other schemes try to entice victims to click on a link, such as for a Zoom interview, and then install malicious software.
In one common scam, a fake employer offers someone a job and then tells the person to buy expensive equipment to work remotely. The supposed company says it will reimburse the employee and sends a fraudulent check — sometimes for more than the equipment was worth, asking the employee to send the difference via PayPal or Zelle before the fake check bounces.
In the first half of the year, online job scams rose 19% compared to a year earlier and have cost Americans nearly $300 million, with the typical victim losing around $2,000, according to data from the Federal Trade Commission.
“It’s especially concerning when we know a lot of people are looking for work or looking for extra income,” said Kathleen Daffan, an attorney with the Federal Trade Commission.
It is hard to track who is behind the scams because bad actors mask their identities behind fake emails, phone numbers and IP addresses. But cybersecurity experts believe many are coming from the same criminal organizations in Southeast Asia that have been linked to other high-profile swindles in recent years, like romance scams on dating apps.
“It’s all a similar type of social engineering,” said Selena Larson, a senior threat intelligence analyst with cybersecurity firm Proofpoint. “You’re targeting someone’s emotions and their vulnerabilities to take risky actions.”
A report by Reuters last month found that North Korean hackers were posing as recruiters and using LinkedIn and Telegram to pitch a blockchain-related job.
Dave Pedersen had been looking for nearly two years when he received an email last fall from a person who claimed to be a recruiter at the outdoor clothing brand Arc’teryx, asking if he was interested in a head of communications role. After working for 20 years in communications for tech companies, he thought it was a great fit and applied. He did a written interview, which he thought went well.
But as the process went on, he grew suspicious. During a phone interview, the supposed executive on the other end didn’t seem to ask questions relevant to the job. He looked back at the original email and realized the address was slightly off from the company’s website domain. He found the recruiter he thought he had been dealing with on LinkedIn and reached out. She wrote back, telling him that multiple people had already emailed her about the scam that day.
“I’ve worked in cybersecurity. I have a background in fraud and scams. I thought, I will never be the victim of a scam,” said Pedersen, who cut off contact before losing any money. “If somebody in cybersecurity is having this issue, I can only imagine what people who are not as clued in are dealing with.”
The increasing sophistication of the job scams comes as the number of people who have been out of work for at least six months has reached its highest level since 2022, with around 2 million people in the U.S. considered to be long-term unemployed.
Meanwhile, hiring has essentially ground to a halt, with the labor market adding an average of only 29,000 jobs a month over the summer, according to government data. For the few available jobs, applicants said they feel like they are at war with algorithms that companies have adopted to filter the flood of résumés.
Even when scammers don’t steal any money, Velasquez, of the Identity Theft Resource Center, said that the sheer amount of data in a résumé or a written interview can put people at risk.
“Your data is oftentimes just as valuable, if not more so, than small amounts of cash, because that can be monetized over time in many different ways,” she said.
When Andrea Maestas applied last month for an administrative assistant job she found on ZipRecruiter for J.P. Morgan in Colorado, she received an official-looking email saying the company was interested in hiring her, but she needed to have a credit score on file. The email directed her to two links, but when she clicked on them, her computer warned her they were unsafe. She reported the issue to ZipRecruiter, which told her it was a scam and the account had been shut down.
Even though she never shared any financial information, she’s still concerned that clicking the links could have jeopardized her security. The scammers, she said, are preying on “that desperation or that fear” that job seekers feel.
ZipRecruiter uses an internal system to detect job scams and takes down posts that it determines to violate its terms of use, ZipRecruiter spokesperson Claire Walsh said in a statement.
Timothy Brown said he was caught off guard by a scam at a place he trusted — LinkedIn. He said he didn’t think twice when he spotted a vice president of marketing role at a cryptocurrency technology company last month. He applied through LinkedIn and was thrilled when a recruiter texted him later that day.
“You’re thinking, great, finally somebody wants me and is interested in me,” said Brown, who left his previous job in July. “You’re applying for jobs, you’re not hearing from anyone because the job market is so terrible right now, and then somebody wants to go to that next level and actually engage with you.”
But the promising employment prospect quickly turned into a bizarre string of interactions involving probing questions about his finances and flirty emojis from a supposed recruiter named Anna. Brown eventually grew suspicious and stopped responding to her.
His hunch turned out to be correct. A representative from the company, imToken, told NBC News it made no such job posting on LinkedIn, hadn’t reached out to Brown, and didn’t employ anyone named Anna.
The post Job scams on trusted sites like LinkedIn and ZipRecruiter are preying on workers’ desperation appeared first on NBC News.