Facebook is probably the most widely used social media globally. Unfortunately, it has also become a hub for scammers to target unsuspecting users. Among them, fake job scams appear to be on an uptrend. What they are, and how to avoid them – I am going to cover those questions in this post.
What is Facebook Job Scam?
Facebook fake job scam is a new trick in the vast toolkit of scammers who operate in this social media. Its essence is to trick users with offers of remote-home positions but ultimately steal their data and banking credentials. Researchers have warned of “ongoing attacks against multiple brands” that use Facebook ads to trick victims. The scams go so far as to send what appear to be legitimate work contracts to victims. However, instead of the promised work, victims receive stolen information and, in some cases, money.
In general, such scams have always existed in one form or another. We could create a whole section if we collected all the Facebook scams documented in our blog. However, this fraud has more mass scale and negative consequences. Even in the most innocuous outcome, the victim provides the scammers with confidential information, namely photos of documents. In the worst case, the victim is taken for the full ride – compromised accounts, infected devices, and stolen money.
How Do Facebook Job Scams Work?
The scammers advertise fake job openings in Facebook group chats, encouraging victims to private message them. The scammers then pose as Qualys recruiters offering work-at-home jobs. These job scam texts often occur in group chats, soliciting users to message the scammer who posts the job opening privately. Work-at-home jobs have always been a fishbowl for scammers, mainly because of the pandemic. As more people lose or quit their jobs, scammers exploit the situation by targeting job seekers. They know some people are desperate to make money and use this to lure in new professionals not used to working from home.
Once the scammers have established a connection with the victim, they ask the victim to install a third-party messenger, Go Chat or Signal, to continue communicating there. Next, the scammers ask for additional information so that the victim can sign an “official contract”. Since this contract contains Qualys logos, correct corporate addresses, and signature lines, it seems convincing. Next, the scammers ask the victim to send a copy of a state-issued ID of all sides. Finally, crooks ask the victim to cash a check for the software purchase for a new computer that will supposedly be delivered to them by their new employer.
Qualys Response
The company confirmed the increasing attacks on popular brands offering remote work. “In several cases, the scammer appears to have compromised legitimate Facebook users and then targeted their direct connections.” – they said. It stated that it does not publish vacancies on social media. Qualys also clarified that it publishes job postings exclusively on its official website and other reputable job sites. The company also gave some advice for those looking for jobs online.
Job scams are indeed a constant online security issue, one that’s currently on the rise, according to the US Better Business Bureau (BBB). Online ads and phishing campaigns are popular conduits for job scammers. They use social engineering to bait people into responding and steal their data, online credentials, or money. Without an appropriate response from companies, scams can also have a negative reputational impact on those whose brands are used in the scam.
Safety Recommendations
To avoid becoming a victim of such scams, you need to be able to recognize it at the initial stage. I have gathered the most valuable recommendations both from the company itself and from personal experience:
- Look for vacancies in special sections on official company websites. To avoid potential scams, verifying job offers by contacting the company directly via their official website instead of social media channels is essential.
- Don’t fall for tempting offers. Suppose someone offers you suspiciously favorable conditions or a salary above the market. In that case, it is a good reason to think twice. Adopt the mindset: If it’s too good to be true, it probably is.
- Never install anything at the request of strangers. You don’t need to download an app to apply for any job. Genuine recruiters will contact you through phone or email or arrange a multimedia interview at their own expense. They have the necessary tools, so you don’t need to worry.
- Don’t pay in advance. Let’s take a closer look at this point. Self-respecting organizations will not charge you a fee to hire you. Often, after the first interview, if the employer is interested in you, they will contact you again for a more detailed talk. They may also offer an internship or a trial period. But no one will take money from you for “installing software” or stuff – those expenses are always accounted for in the cost of a hire operation. On the other hand, scammers often ask for upfront payment for equipment/software/training/etc as a prerequisite. This is a definite sign of a scam. Never accept a check and cash it digitally from an unknown virtual or digital source. Always go to the bank and treat any such check with high suspicion.
If you suspect you are talking to a scammer, sever all communication immediately. Trusting your instincts and not engaging with the scammer any further is essential. At the same time, keeping a record of all previous interactions, including emails, messages, and phone numbers, is crucial. This documentation could be handy in potential investigations or to alert others about the scam. Next, change passwords and monitor bank accounts for unusual activity to protect your personal and financial data. Finally, report the scam to relevant authorities and alert your personal/professional network to prevent similar incidents.