This week’s topic will be about the threat of social engineering on job postings. Now the question is how can there be threats? There are threats because there will be people who want to take advantage of any possible situation especially during dire times when people are finding new jobs for any reason. They have to be careful as scammers are rising especially during times of covid-19. According to FTC scam’s reached the highest record level in the second quarter of 2020.
Scammers tend to use some of the principles of social engineering which are scarcity, authority, liking, social proof, commitment, and reciprocity versus techniques (ex: phishing, waterhole, etc.) mentioned in my older post. Techniques and principles go hand to hand to deceive and steal information.
Key Principles and examples
- scarcity — limited supply (limited jobs)
- authority — obeying authority figures (HRrep asking for info)
- liking — persuaded by other people whom they like (friendly individuals)
- social proof — individuals may do things that they see other people are doing (fake positive reviews of comapnies)
- commitment—If individuals commit to a goal, they are more likely to honor that commitment (already went through 3–4 interviews)
- reciprocity — tend to return a favor (possibly HR saying it was hard to get these interviews for the interviewee)
The most common techniques scammer has used so far are scarcity and authority but others may be used as well. How is it used? Scammers used impersonation (technique) with the principle of scarcity (principle). Faking as recruiters (authority figures) from legitimate companies. You might go through “interviews” once accepted of a “job” you would provide personal info as you would for payment or tax reasons. You might be tempted to give the info to accept the fake jobs because of limited openings (scarcity).
Other than a potential employee’s awareness of such tactics. Employers need to be careful as it can have reputational damage to them.
What can people do?
- Do research on companies before applying. Scammers may operate under legit companies but this will reduce suspect companies.
- Review links that may try to steal personal info. Companies should have postings on their websites as well.
- Be wary of “head hunters”. If it is too good to be true, it might be.
