Over the past year, cyber threats targeting the online recruitment industry have grown exponentially and should be a front-of-mind concern for recruiters – if they aren’t already. With the global economy said to have lost out on $3.7tn in earnings throughout the pandemic and the UN’s International Labour Organization stating that 8.8% of global working hours were lost in 2020, needless to say, jobs are in high demand. This period of disruption and desperation has made the industry ripe for threat actors to take advantage of, as unemployment rates continue to rise across the world due to COVID-19.
From-home recruitment also leaves gaps in the process for fraudsters to take advantage of, and with such a high volume of applicants on the lookout for employment, new tricks and more sophisticated techniques are constantly being developed and rolled out.
In this article, I will explore the rising cybersecurity challenges recruiters are facing by looking at the most up-to-date job scam techniques being used. Finally, I will advise recruiters on the best tips to help prevent both the job hunters they are working with and organisations who are recruiting from becoming victims of these threats.
Attacks trending in the recruitment space
Fraud in unemployment and job-seeking began to rise dramatically in May 2020, around the time the COVID-19 pandemic was at its first high point and working from home was becoming the new norm. While targeted attacks are not a new trend in the cybercrime threat landscape, the advanced techniques increasingly being adopted in response to vulnerabilities caused by the pandemic are making it harder for individuals to spot when they are being attacked.
An especially loathsome trend has seen cybercriminals taking advantage of individuals and organisations disproportionately affected by the pandemic, with one of those groups being jobseekers. Across the world, unemployment is rivalling devastating levels last seen during the 2008 recession, reaching 5% in the UK and 7.9% in the US alone, meaning a growing number of people are trawling the internet for increasingly competitive job opportunities, with many becoming desperate.
There are a variety of techniques being used by attackers to trick job hunters, with many utilising recruitment companies and big brand names to evoke a sense of trust in those being attacked. As a recruiter, it is important to be able to spot these to protect both your individual clients and the brands you represent, as well as your own firm. Some popular attacks include:
1. Lookalike sites
Threat actors are creating lookalike sites which enable them to impersonate recruiter firms. This is more of a risk for recognisable brands and well-known recruitment agencies as their company’s name and reputation will automatically result in trust for many victims. Worse still, some fraudsters appear to be using access to legitimate recruiting sites. Signalling any kind of interest with an impersonator — through clicks, replies, or other forms of interaction — can result in people unknowingly sharing sensitive personally identifiable information (PII) with a fraudulent website.
2. Overpayment schemes
Overpayment schemes trick job seekers into disclosing sensitive bank account information, with fraudsters asking for direct payments in order to “process a candidate’s application paperwork” or something similar. Some victims have also experienced cybercriminals sending an electronic cheque-like request form that acts as a ploy to steal their financial information. These cheques come in a range of formats, with some being counterfeit, forged or having altered security features, such as fake watermarks or security coatings.
3. Money laundering
Threat actors have also been seen to trick applicants into conducting money laundering. Candidates will assume they’ve entered remote full-time employment when in reality they are being used to launder money, for example under the pretext of helping them “start up their own branch” of a non-existent business or buy office furniture.
Fighting back against fraudsters
With the pandemic far from over, it’s essential for recruiters and security leaders within organisations who are recruiting to recognise the key traits behind ongoing fraud scams so that everyone is protected. Everyone in recruitment has the responsibility to implement measures that will prevent these attacks from impacting applicants and businesses. This can include maintaining and raising awareness of potential threats, sharing knowledge with candidates and internal teams to spot warning signs or suspicious behaviour and, within security teams, implementing in-depth network security to protect the business from being hacked or imitated online.
A layered approach to cybersecurity is key to preventing this, and threat intelligence platforms like Flashpoint, integrated with automated security operations, can ensure potential hacks and breaches are identified by monitoring murmurings in online threat actors’ conversations as soon as they happen. This will enable your team to proactively defend the organisation and alert the wider business to any specific threat methods to look out for. Alternatively, if you discover the organisation or any of the brands you work with have unfortunately been breached, it will allow you to act quickly to alert candidates to change passwords and watch out for suspicious communications.
To protect candidates, recruitment companies must combine clear communication, i.e. clearly stating what applicants should expect in terms of the hiring process, with more technical cybersecurity measures to protect data and counter breaches as soon as they happen.