Skip to main content

Job scams are on the rise: 5 red flags to watch for

 

By

Close up photo of a hands holding a smartphone, which is displaying a keyboard. An icon of emails and an alert symbol is overlaidMove-in, Fall Fest and a drink from the Old Well are some of Carolina’s best traditions for the beginning of the Fall semester. One of the worst? Job scams.

Criminals send phishing emails year-round and use techniques that make you more likely to click. Near the holidays, gift scams are common. During tax season, fake tax filers and IRS scams rise. And when students are looking for the perfect on-campus position, phishers jump in with job scams.

Replying to a job scam could have serious consequences. It’s bad enough that phishers scam you out of money, but these fake jobs can also lead to identity theft and lasting damage.

Before you send an application that might lead to identity theft, pay a background check fee, accept a package or cash a check for supplies — take a minute to be skeptical. Ask yourself, does the email match any of these red flags?

You didn’t apply for the job

Most of the time, you need to apply for a job before you’re offered one. If you receive an email with a new role promised to you and you haven’t applied, that’s a red flag. Many job scams say that they “found you in the directory” or “got your name from a list of students” but that doesn’t make it any more likely to be a real job.

From: Campusoffice.unch@gmail.com
Dear Student, we are pleased to offer you a research position! Please contact us via WhatsApp for info.

You may also get emails encouraging you to apply to job openings. Some of these will be from legitimate groups like clubs and departments. But before you reply, take a minute and ask yourself a few questions:

  • Do you know the sender?
  • Is the sender a real person at the University? If so, is that the email address listed in the directory?
  • Can you find a website for the department, unit or company? Does the website have information about job listings or somewhere you can confirm that it’s a real position opening?
And when you decide to apply for a job, communicate through official channels. Legitimate companies are more likely to contact you via email or phone call. It’s unlikely a legitimate company will contact you via WhatsApp, Facebook or Telegram.

The salary is very high or it pays up front

When something sounds too good to be true, it probably is. With job scam emails, it’s common to see offers with eye-popping salaries. One real-life example promised $350 a week for six hours of work.

Scammers are hoping those offers are so exciting that you’ll think it’s worth the risk to reply — it’s not. While there are great paying campus jobs out there, an unsolicited high-paying offer should be a strong clue it’s a scam.

From: DaviesLibary@yahoo.com
Now hiring for a campus office job. Compensation is $350 for 6 hours/week of work.

Another variation is that scammers will offer to send you payment up front. They might say it’s an advance on your first paycheck, or that they’ll send a check so you can buy office supplies. All you need to do, they say, is deposit the check and send some of the money back to them to cover fees.

After depositing the check, you may feel confident sending some money back. But the scam relies on the delay between you depositing the check and your bank discovering it’s a fake. Once your bank tells you the check was fraudulent, the scammers will already have the money you sent — and you won’t be able to get it back.

They’re asking you for money

Often, a job scam entices you with an easy job and asks for money once you’re hooked. They figure that once you’re excited about the job, you’ll pay to make sure it stays on track.

It’s common for scammers to ask you for application fees or to cover the cost of a background or credit check. These aren’t costs that job applicants should pay for.

From: DrRePHD@ooeir.ru
Remote job for students: mail packages for lab. Send $5 background check fee with your application.

Another variation is that scammers say you’ll assemble products for high pay — if you buy a starter kit or supplies from them.

For all variations on the scam, once you’ve paid, the job disappears — and so does your money.

The application asks for a lot of personal information

Admittedly, all jobs ask for personal information. Things like your email address and phone number are fair game, but job scammers often ask for a lot more.

From: UNChancellor@gmail.com
Apply to UNC campus jobs using this Google Form. You must include a copy of driver’s license or passport.

Scammers use these fake job applications to harvest your valuable data. They may use that data to steal your identity or sell your data to someone else who will. Or, they may also use the information you shared to access other accounts. They can use this personal information to pretend to be you and reset your password at places like your bank or Amazon.

A job application won’t ever need your mother’s maiden name. And you won’t need to share your date of birth and Social Security number until you’re officially hired — anyone who’s asking for those on a job application is trying to steal your identity.

And be careful with how you apply. Google Forms and PDF job applications aren’t always scams, but you can’t be sure where that information goes when you hit send. Applying on official company, department or University sites is your best bet to keep your private information out of scammers’ hands.

It just looks phishy

Phishing emails — including job scams — tend to follow a lot of the same patterns. And when you recognize those patterns, even subconsciously, you’ll notice the message feels “off.”

From: J0hnSmuth@28zqrz.cz
Apply now!Here is an amazing virtual job position that pays over 500 weeklies!!! CLICK HERE

Here are some things that give that “phishy” feeling:

  • The “from” address doesn’t match the sender name or is an attempt to look like someone affiliated with the University, like Chancellor.unc.edu@gmail.com.
  • The “to” field includes a bunch of other people, or it’s blank and you’re blind carbon copied (bcc’ed).
  • The email has poor spelling and grammar. It may also feel stilted or like it’s written by AI.
  • There’s a sense of urgency or emotional manipulation. Common themes include that you must act now or bad things will happen or that you’ll miss out on an opportunity if you wait.

What to do if you receive a scam

If you know a message is a job scam — or any other kind of phishing message — use the “report phishing” button in Outlook or Heelmail. Reporting a message as phishing alerts Microsoft to review and potentially remove the message from other inboxes. This can help keep other Tar Heels safe by removing the email before they see it.

If you’re not sure if a message is phishing, contact the ITS Service Desk. You can call 919-962-HELP (4357) or use the Help Portal to chat live or submit a help request. Phishing emails almost always include a sense of urgency — that you must act now. But the reality is that there’s always time for you to get a second opinion from ITS before you respond.

If you were defrauded by a job scam — like if you sent money or gift cards — you can file a report with the FTC and FBI.

Visit Safe Computing at UNC for more ways to avoid cyber scams and phishing attacks.

Comments are closed.