These scammers are getting smart.
There’s no denying that today’s job market is horrid, as the unemployed are struggling to not only get a job offer but to land a single interview.
As eager as job hunters may be, experts advise them to be wary when an “opportunity” pops into their inboxes, as scammers are hijacking accounts by posing as talent recruiters and using a Google tool to make fishy job offers seem legitimate.
“Unfortunately, recruiter scams are becoming increasingly prevalent and harder to spot in today’s technology-enabled job market,” Amanda Augustine, resident career expert for resume.io and a Certified Professional Career Coach (CPCC), told The Post.
The email — which will appear from [email protected] — is professionally written and offers a job opportunity that closely matches the recipient’s background.
Scammers most likely comb through LinkedIn and previous data breaches to find email addresses of those looking for a job, according to KSBW.
Because AppSheet, a no-code application powered by Google that allows users to build custom apps without any coding, is a part of the Google Workspace suite, emails from the tool are often delivered to inboxes and are almost always considered safe — which is exactly what the attackers are exploiting.
Several people on social media have reported receiving these emails. Most of them have similar wording and impersonate recruiters from major brands, including Meta, Adobe, Disney, Coca-Cola, Spotify, Christian Dior and L’Oréal, to name a few.
“I am reaching out regarding a unique project-based collaboration with Adobe for the position of Marketing Manager. Your impressive background in campaign management aligns well with the dynamic expertise we are looking for on this initiative,” one email read, a user shared on Reddit.
The responsibilities listed tend to be very broad and “not tailored to the specificities of the company,” another Reddit user who received one of the scam emails noted.
Victims who fall for these bogus opportunities will often click the link in the body of the email and will be directed to a fake job portal where they are led through several counterfeit application pages before landing on a phishing site that prompts them to log in via their Facebook accounts to “proceed with the application.”
That page gives attackers access to personal information and login credentials, potentially allowing them to take control of the victim’s account and install malware.
One LinkedIn user shared that when she received this type of email from Adobe, she was suspicious and reached out to the company to check its legitimacy. She was told by an Adobe employee, “There should be a recruiter name at the bottom, and a calendar link, so no, not from us.”
In the comments, another shared that they were also doubtful about an email they supposedly got from L’Oréal, writing, “It was very convincing, but also seemed too good to be true so I did a little research before replying. Beware!”
Like these almost-victims, Augustine recommends, “Trust your gut: if an opportunity seems too good to be true, it likely is. That could look like a high-paying role with vague responsibilities, little information about the company, or no clear requirements for the candidate.”
The tricky thing is that hackers don’t use mispelled, funky-looking fake emails. Instead, they’re using a legitimate @appsheet.com address originating from Google’s mail servers.
However, a legitimate recruiter will use a company email address that matches the organization’s domain — not a no-reply address, Augustine pointed out to The Post.
She said that people shouldn’t take the display name at face value either, since it may look legitimate, but the actual email address proves otherwise.
It’s also a red flag if the email doesn’t include an identifiable contact person, job location or link to the role on the company’s official website.
“It’s always worth doing a bit of due diligence before responding to the message. Look up the recruiter on LinkedIn and confirm they actually work for the company they claim to represent; you should see a complete profile and connections to other employees. If anything feels off, go directly to the company’s careers page rather than clicking on links in the message,” the expert advised.
Google told The Post that they’re aware of the AppSheet scam and they’ve added safeguards for users.
“We are aware of these phishing campaigns and have taken action to block the accounts and apps violating our policies. We have also implemented additional automated protections to detect and prevent similar abuse of AppSheet’s communication features,” a Google spokesperson said.
“While our systems successfully block more than 99.9% of spam, phishing, and malware, we encourage users to remain vigilant. We recommend reporting any suspicious emails as ‘phishing’ within Gmail, which helps our AI models better identify and block evolving tactics in real-time.”
According to Google, AppSheet uses a layered defense that includes account verification, rate limiting on outgoing communications and content scanning, which are “strong and effective protections.”
Google advised users to use the “Report Phishing” button in Gmail if they receive one of these messages.
Additionally, they suggest verifying the source, noting that high-value job offers usually come from a corporate domain rather than a generic automation service, in addition to hovering over “apply” buttons and links before clicking them, since job applications rarely redirect through a series of intermediate URL shorteners.
“Remember, a legitimate employer will never ask you to send money, share bank account details, or provide sensitive information before you’ve gone through a formal interview process,” Augustine added.
“When in doubt, take a step back and verify before you respond; a few extra minutes of research can save you from a much bigger problem.”
The post Scammers are sneakily using a Google tool to target job hunters — here’s how to protect yourself appeared first on New York Post.
