You know what really bothers me? Scams… and the worst of the worst are those who target the most vulnerable.

One of the worst of those is the hiring scam.

What is a Hiring Scam?

You’ve probably seen one and barely paid any attention to it. Or, perhaps, you saw it, and something felt off, so you avoided it. Or, you don’t spend much time where these always pop up.

Or you saw a job scam, and it seemed reasonable, but something just felt off.

Hopefully, you didn’t get nabbed by one.

A scam centred around hiring starts with someone looking for work answering an ad by a company that put up a job ad. These are usually on social media, but I’ve seen them on Craigslist and Kijiji. Generally, they don’t happen on sites that verify employers or pages as part of sign-up, making a prime target a particular social media platform where pages can get spoofed all the time (more on that in a minute). The job seeker answered the ad, and the interview doesn’t immediately set off any red flags except for a few things:

1. It’s never on the phone, in person, or even on Zoom or other video conference platforms.
2. It’s always through text, usually on the platform the ad was on, or the advertiser will push to go to WhatsApp, Signal, or Telegram.
3. They never need to look at your resume, LinkedIn, etc.

While these platforms are not inherently wrong, I use them all because they are typically end-to-end encrypted, which is different from the usual legitimate first contact with a company.

The job seeker is always hired at the end of this strange little interview because that’s where the actual play happens because these scammers are out for one of two things (or both)

Your personal information (phishing), including banking, is essential because it’s reasonable to be paid for work done.

Or to “send” you money to buy equipment.

Sometimes (usually), it’s both.

The first reason is straightforward. We hear about phishing all the time. Once they have your information, they can do anything with it. Unfortunately, the information you usually need to give an employer is exactly what these scammers are after and does the most damage: your name, address, birth date, SIN (SSN, if you’re in the US), banking info, everything. They’ve now got it all.

The second reason is even worse.

As employers should, these scammers have promised the necessary working equipment for you to do whatever the job is (typical remote administrative, data analytics, digital marketing, etc.), including a laptop and other work-office-related items.

Here’s a key thing: if you get a job that supplies these–you typically won’t need to buy them yourself (or, at least, should not), nor will the company need to send you a stipend to do that. If this ever comes up in an interview, look for red flags. This is a giant one and should send you running and screaming in the other direction because no self-respecting IT will do this. If they do, there needs to be a serious and deep discussion with their management about shadow IT and cybersecurity, especially in the financial sector.

The thought boggles my mind, honestly.

Now, they could send you a stipend, but obviously, they’ll send you to their vendor. That in itself should tell you precisely what the play is here. The money will arrive in your account, you will spend the money at their… and then a few days later, you’ll get a call from your bank telling you the money didn’t actually clear, and now you’re on the hook for what you spent at the vendor who also likely won’t send you the computers either. That money will just be gone.

These scams bother me on a level that boggles my mind. They target people in a situation where they need to find work and likely don’t have a whole lot of money to spare in the first place. They’re usually caught in a bad situation where EI is running out. It’s finding a job—any job—now. They hope for better later, only to have their identity stolen, their credit wrecked even worse, and hundreds if not thousands of dollars out of their bank account.

And it’s not like the scam is ‘too good to be true’; no, these scammers are making an extra effort to research a reasonable job offer that is neither too generous nor too low to avoid setting off those warning bells.

So, here’s a list of new warning bells:

1. Be aware of the platform. If you see an ad, look through the profile and page. It should feel reasonably established. The information should match where they say they’re from, especially if they’re claiming to be a larger and older company.
2. Run a Google search on the company and check their web presence. If they have a website, their social media will be listed on it. If their official social media does not match the account you’re talking to, it’s probably been spoofed. This is where a scammer will copy a company’s social media with a second account and run their scam off the copy without the company knowing anything about it. Report, block, and ignore all attempts to contact you afterward.
3. The interview occurs either entirely in the Messenger of that social platform or another platform. It is never done by voice or video call. There are a few exceptions to this, but they are few and far between and depend on the AODA accommodations you requested.
4. Be cautious of quick job offers. Even if there is a slight pause, most large companies need a few business days to check references, credit scores (more for ID confirmation), criminal record checks, etc. Again, there are rare exceptions, but they usually happen if you already know someone working there and have already had a few previous conversations. The offer will not come immediately or be delivered via Messenger.
5. If they supply the equipment, there are a few reasons they will provide the computer and peripherals and send them to you directly without needing to shop for them. The first is there are things IT needs to set up for cybersecurity reasons and software likely specific to your job. If so, that company already has a vendor account with the company supplying their computers, and that IT firm bills the company directly and ships out their equipment to the new employee. If you need to provide the computer (rare, but it happens), then that IT company will need access to your computer. I wouldn’t say I like this latter. Still, there are a few exceptions to every rule. Still, they’re fewer and farther between now because of privacy laws, AODA, cybersecurity concerns, etc.; BYOD is rare. If a company has a BYOD policy, I typically turn it down in favour of them supplying me with the computer.
6. Be aware of the social platform you’re using to contact. It’s okay to reach out and make an initial contact with the company for more information. Still, they should encourage you to visit their website, reach out by phone (and that number should match what’s on their website with a physical address you can double check), or even (better) drop by their office for an in-person chat. Failing that, Zoom or similar on a video call, or even some initial feeling out by email. But only text through a social media platform… giant red flag. There’s usually a reason they don’t want you to contact them through an official contact: they aren’t who they say they are.

I would do something similar to SFWA’s “Writer Beware” for this. Still, the reality is that because most of the time, the scammers are spoofing a legitimate business, a who is who wouldn’t help by much. It’s just easier to keep track of patterns and emerging patterns.

Be safe out there.