Facebook job scams are a relatively recent but fast-growing type of scam on the social network. It targets users who are looking for a job and are members of themed communities. The scammers promise to earn high-paying jobs with easy conditions but end up gaining access to the victim’s personal information.In this article, I explain in detail how these scams work and how you can avoid becoming a victim of one.
What is Facebook Job Scam?
Facebook fake job scam is a new trick in the arsenal of scammers operating on this social network. Researchers have warned of “ongoing attacks on multiple brands” that use Facebook ads to scam victims. The scam involves offering victims a work-from-home job with attractive conditions, only to trick them into revealing personal data and bank details. Scammers often send victims what appear to be legitimate job contracts. However, upon closer inspection, it’s clear that the contract is fake, and instead of a job, victims are left with compromised personal information. In some cases, fraudsters even convince victims to pay money, often under the guise of “training fees”.
In general, these scams have always existed in one form or another. We could create a whole section if we collected all the Facebook scams on our blog. However, these scams are more massive in nature and have negative consequences. In the best-case scenario, victims still end up providing scammers with sensitive information, such as document photos. In the worst-case scenario, victims face the full consequences: compromised accounts, infected devices, and stolen money.
How Do Facebook Job Scams Work?
Scammers often promote their “job offers” in Facebook chats, prompting victims to message them privately. They further pose as recruiters offering work-at-home jobs. For obvious reasons, con actors often present themselves as Qualys agents. As more people are now losing their jobs, crooks are using this.
The first wave of job-related issues began during the pandemic, when many workers were forced to either adapt to remote work or quit. The second wave is happening now, as the post-pandemic job market boom starts to stall. Scammers know that people are desperate to make money, and are using social engineering along with AI to skim users.
Once contact is made, scammers ask the victim to install a third-party messenger, like Go Chat or Signal, to continue the conversation. Further, they ask for additional information, reasoning that the victim can sign an “official contract.” Since this contract contains Qualys logos, correct corporate addresses and signature lines, it looks convincing in most cases. Next, frauds ask the victim to send copies of all parties’ government-issued IDs. At this point, the information-gathering phase comes to the end. But the scammers take it a step further, asking the victim to cash a check to buy software for a new computer that the “employer” will supposedly send for work.
As a result of all this, victims get their wallets emptied (and as they seek a job there’s not much they can freely waste!) and all the sensitive information collected. Using the latter, con actors can steal the identity of a person, which eventually leads to further losses and reputational damage.
Qualys Response
Qualys company confirmed that attacks targeting popular brands offering remote work are increasing. “In several cases, the scammer appears to have compromised legitimate Facebook users and then targeted their direct connections.” – they stated. The company clarified that it only posts job openings on its official website and reputable job sites, not on social media. Company also gave some tips to those who are looking for online jobs.
The U.S. Better Business Bureau (BBB) reports that employment fraud remains a growing online security issue. Online ad phishing campaigns are popular channels for scammers targeting people looking for jobs. Fraudsters use social engineering and impersonate reputable companies to steal data, credentials, or money. A lack of proper response from companies can lead to reputational damage caused by these scams.
Safety Recommendations
To avoid becoming a victim of such scams, you need to be able to recognize it at the initial stage. I have gathered the most valuable recommendations both from the company itself and from personal experience:
- Look for job listings in special sections on official company websites, or official pages of employment agencies. To avoid getting bamboozled, verifying job offers by contacting the company directly via their official website instead of social media channels is essential.
- Don’t fall for tempting offers. A suspiciously high salary for less workload may sound tempting, but is barely realistic. The saying has it: If it’s too good to be true, it probably is.
- Never install anything at the request of strangers. You don’t need to download an app to apply for any job. Genuine recruiters will contact you through phone or email or arrange a multimedia interview at their own expense. They have the necessary tools, so you don’t need to worry.
- Don’t pay in advance. Respectful organizations will not charge a fee for hiring you. Often, after the first interview, if the employer is interested, they will contact you back for a more specific talk. But no one will take money from you for “installing software” or stuff – those expenses are always accounted for in the cost of a hire operation. Any demands of that kind are a definite mark of a scam.
How to Report a Job Scammer
If you suspect you are talking to a scammer, or have fallen victim to one, there are steps to take to return your money and stop further fraudulent activity. For US citizens, the Federal Trade Commission is one responsible for taking care of it.
To report an incident to the Federal Trade Commission, visit the it’s official website, click “Report Now” and follow the instructions. If you paid fraudsters, contact your bank (if you are used debit or credit card, mobile payment app, or wire transfer), report the incident, and request they block your card and restrict your credit limit. If you paid with a gift card or cryptocurrency, immediately reach out to the technical support team of the respective service through which you sent the money, and report the fraud. Request the transaction be canceled, if possible.
