Oscar Rodriguez, the vice president of product management at LinkedIn, told the Financial Times that these scams are becoming more sophisticated. Scammers are spoofing the pages of legitimate companies to snare victims. They are reaching out to victims via LinkedIn’s InMail messaging system masquerading as employers, creating phony Skype profiles to conduct follow-up interviews, and leveraging artificial intelligence (AI) technology to make their scams more convincing. In a Community Report released in December 2022, LinkedIn said it detected and removed over 87 million spam or scam messages and nearly 22 million fake accounts in the first half of 2022.
Sophisticated Recruitment Scams
“There’s certainly an increase in the sophistication of the attacks and the cleverness,” Rodriguez said. Not only are scammers successfully tricking job seekers, but they’re also defrauding them of their money by using social engineering tactics to get victims to share personal and financial details. These tactics are also used in help desk fraud schemes. Rodriguez said scammers set up fake lookalike websites and call victims from phony phone numbers “with a seemingly professional operator picking up the phone and answering on the company’s behalf.” According to LinkedIn, one telltale sign of a scam is when recruiters make financial requests or ask for personal data like your payment information. Also, be cautious of recruiters who make lofty promises of compensation or ask you to purchase your own work equipment. Scammers sometimes try to get victims to download an app or click a link (that usually takes users to a phishing website) to continue the application process. “To top it off, they also created Skype profiles with the picture of the recruiter from the companies to conduct interviews as well,” VP of security research at Zscaler Deepen Desai said. Zscaler is one of the companies that scammers are impersonating. Last month, the cloud security company released a report revealing that scammers are impersonating companies in the U.S. and Canada on various recruitment sites like LinkedIn and SmartRecruiters. Zscaler said cybercriminals are registering phishing domains and using fake application forms to steal users’ personal data. According to the Federal Trade Commission (FTC), consumers reported losing nearly $8.8 billion to fraud in 2022. In the third quarter of 2022, the FTC received 22,325 reports about recruitment scams, with a median loss of $2,000.
Cybercriminals are Using AI Technology for Scams
Scammers are using new AI technology like OpenAI’s ChatGPT in their fraudulent schemes. In January, cybersecurity firm CheckPoint revealed that cybercriminals are using ChatGPT to create new hacking tools and dark web marketplaces. Scammers are also using ChatGPT to write phishing emails, love letters, job recruitment ads, and other materials to lure and trick victims. The use of generative language programs like ChatGPT makes it much more difficult to detect scams. AI is also being used to create deepfake photos to fool victims. LinkedIn uses a combination of automated defenses and human reviewers to stop scams. Rodriguez said LinkedIn now has its own AI system to detect “deepfake generated profile photos.” To avoid falling for recruitment scams, job seekers must be wary of phishing emails from suspicious senders or people contacting you with unsolicited offers that seem too good to be true. A legitimate company will never ask for details other than your name, phone number, and address before hiring you. If you receive scam messages, report them to LinkedIn.