Employment Scams – Profiting from an Economic Recession

The current high unemployment level in the United States, combined with the increase in legitimate remote (work from home) positions, has created a fertile environment in which employment scams are flourishing. Albert Einstein is credited with saying “In the midst of every crisis, lies great opportunity”. In the case of employment scams, unscrupulous individuals use social engineering to exploit the hopes and dreams of trusting job seekers who believe the remote job opportunity they applied for is real.

The Direct Deposit Employment Scam

Perpetrators may exploit a legitimate job search platform to advertise remote work positions. In an effort to convince a job seeker a position is legitimate, criminals may copy a real company’s logo or even spoof a website for brand recognition and to take advantage of a company’s good reputation. A spoofed website may carefully duplicate specific elements from the company’s real website, including a logo, formatting, and text; when taken together creating a fake website that is almost indistinguishable from the company’s legitimate website. Additionally, the criminal may purchase a website domain that is very similar to a company’s official website address, making it even more difficult for individuals to spot the scam. For example, a criminal could transpose just two letters in the company name, or use a domain name that differs from the real company’s internet address by just one letter. Once a job seeker is tricked into believing they landed a job with a well-known and respected company, victims are instructed to disclose full bank account information in order to set up direct deposit and receive paychecks, which gives the perpetrator full access to drain the candidate’s bank account. The end result is victims not only learn the job offer wasn’t real, but they willingly provided personal bank account information to the criminal and so the stolen funds may or may not be recoverable.

The Background Check Employment Scam

Using the false promise of a job opportunity, a job searcher is told they were selected for a job and a background/credit check is a required part of the screening process. The perpetrator requests sensitive personally identifiable information, which may include a copy of a driver’s license or state ID card, Social Security number, and other personal details. A criminal may go one step further and ask the victim to create a new account on a fictitious background check website. The scammer hopes the job seeker will re-use a password they use on their other personal accounts, and give the criminal the opportunity to take control of other accounts, such as an email account, using that same password. Once the criminal has sufficient personal information to impersonate someone online, the stolen identity is used to commit financial crimes. Perpetrators generate profit from stolen identities in various ways; by opening new credit cards under the stolen identity (which are quickly maxed out and left unpaid) or by impersonating the victim online and creating bogus accounts pretending to sell merchandise/services (which are never shipped to buyers). Victims may become aware of the scam only when contacted by a collection agency regarding unpaid debt or unusual activity such as receiving mail addressed to someone else. It is highly recommended to frequently check credit reports for errors or unrecognized new accounts, and follow these tips to report suspected identity theft.

The Money Mule Employment Scam

The money mule employment scam is commonly shared on social media platforms, possibly along with an enticing photo associated with wealth and/or status. A slick advertisement offers unskilled work from home jobs where the only requirements are a computer and a bank account. Phrases or hashtags appearing in these posts refer to money and may use terms similar to “funds processing agent”, “easy cash”, or “money flip”. The premise is simple – job seekers are instructed to receive funds into a bank account, forward most of the money to a different account owned by someone else, and keep a portion of the funds for themselves as an “administrative fee”. Younger individuals may be more frequently targeted and/or susceptible to this scam, as one bank issued a statement “nearly a third (30%) of money mules reported to it last year were aged under 21”. Those who fall for the money mule scam are unwittingly engaging in the layering phase of money laundering, which involves moving the proceeds of crime through several financial transactions in attempts to hide the criminal origin of the funds.

Red Flags to Watch For:

• The recruiter/contact person uses pressure and/or creates a sense of urgency to accept a job and start right away
• Promises along the line of “easy money with minimal skills”
• You do not recognize the employer and/or do not recall applying for the job
• The recruiter is using a public email domain (i.e. Gmail, Yahoo, etc.); Real recruiters typically use an internal company email address formatted as @[company name].com
• You haven’t verbally spoken or video-conferenced with the recruiter, but are asked to give out sensitive personally identifying information and/or bank account information
• You go the to the website directed by the recruiter, and the anti-virus/anti-malware software on your computer flags the website with a warning that the site possibly contains malicious code or otherwise might not be safe
• Search the company by name on the internet and compare the internet address to the online address provided by the recruiter. Is the company name slightly different or are two letters transposed?
• After identifying the genuine company website, is the position listed on the recruitment page? If the job appears on the website the recruiter provided but not the website identified via an internet search, you may have been directed to a spoofed website.

For additional information on online job scams, go here.

For additional information on COVID-19 fraud and related financial scams, check out the AML RightSource COVID-19 Resources page.