There’s nothing quite like getting the wind knocked out of you when you’re already down. The plight of the unemployed individual has often been ignored by the media. Only in times of financial crisis do people seem to stop and notice the millions out of work—many of whom have not had jobs for a year or more.

Why does PhishBucket believe that talking about job phish is so important? Because who else besides job seekers keep their contact information so up-to-date? Who else besides job seekers are so financially vulnerable? Who else besides job seekers are as willing participate in risky-sounding ventures to pay their bills and feed their families?  

And here’s an added kick in the gut for you: while job phishers might enjoy the added bonus of gaining enough information to steal your entire identity, that’s not really their bread and butter. They don’t necessarily need your bank account numbers or identification numbers to fool you; basics like your street address, email and phone number are quite enough.

So what is it job phishers want from you exactly? They want to make a quick buck from you, and there are two specific ways in which they do this.

Stealing Your Money Directly

These job phishers entice you to move money or stolen goods. When you accept the “job” of cashing someone else’s checks and keeping a percentage, it’s a set up designed to fail. You’ll deposit the checks sent to you (which have been illegally manufactured), withdraw all but the percentage that is “yours” and wire it to them. A few days later the bank will inform you the check has bounced and your account will go into the negative for that amount. If you have little or no money to start with, that’s going to hurt. Many PhishBucket visitors have informed us that even though they hadn’t agreed to participate, just sending their address was enough for the checks to start arriving.

If you ship or re-ship parcels (as seen on Dateline), you are helping move goods purchased with stolen credit card numbers. These packages—electronics and other retail goods—end up reaching the criminals, usually in other countries, where they can be re-sold for a profit. As with the money transfer and mule scams, even if all you provide is an address, you might start finding parcels arriving at your door.

The majority of other job scams are variants of these, or are typical pyramid schemes, multi-level marketing, or programs that claim you can get rich in online advertising or auctions.

These job phishers want your money. You’ll either pay a pittance for a get-rich-quick scheme that’s a complete lie, or they’ll sucker you in the bank account—just once—enough to grab a chunk. You may not fall for any of these again once you’ve been burned, but the job phishers have another way to rob you once they’ve robbed your wallet.

Buying/Selling/Renting Your Personal Information

In addition to, or sometimes instead of taking money from you directly, job phishers keep track of all the personal information they acquire so they can rent and sell it. Your contact info alone is more valuable than you might think—your social security, driver’s license and other personal identification numbers are just the icing on the cake.

Both legitimate marketers and illegitimate scammers consider your information a hot commodity. For scammers to get even a few bites, they have to send email to thousands upon thousands of people. The more info that can be acquired, the more they have to rent or sell. After all, scammers want a steady income too.

You might be asking what’s so bad about this; lead lists (as they are often known) are frequently used in legitimate business for the same reason—to reach large numbers of people who have something in common (such as the need for a job, in this case). But imagine that someone with less than your best interests at heart now has your name, address, phone number and email. Suppose, since this was for a job application, that you also told them where you attended school and other places you worked.

1.    The scammer finds out whether you own or rent your home. If you own, maybe you soon see a phishing email telling you that another bank owns your mortgage and points you to a (fraudulent) site to enter your financial or other personal details.

2.    The scammer contacts your last school pretending to be you, claiming to have lost your transcripts. Soon someone tries tricking you into a bogus financial arrangement to pay off your student loan.

3.    The scammer finds out where you’ve worked and pretends to be a new employer, asking questions about your performance, and is able to learn about your work habits and perhaps some psychology that can be used against you.

4.    The scammer finds out your cell phone provider (sometimes asked on questionable Web-based “job” applications) and calls pretending to be you. Your bill is suddenly re-routed or your financial information is stolen through an online password reset at that provider’s Web site.

In all these scenarios, the scammers want to learn about who you are, what companies you do business with in your personal and professional life, what products or services you use, and turn your email and postal mailboxes into a living nightmare. Some of the offers that come your way, particularly via email, may trick you even further into giving away more about yourself than you had intended. Maybe you suddenly receive credit card bills because someone is using your name to acquire credit, or bills for other products and services that were purchased using your identification. Worse, maybe the police arrive at your door to arrest you for a crime committed by someone who had identification in your name. How easy do you think it’s going to be to convince law enforcement it wasn’t you?

Always Be Vigilant

The best way to protect yourself is to always be cautious and wary about giving away your personal details. Trust no one without proof of legitimacy. Learn where to report suspicious offers. Don’t be afraid to talk to law enforcement about your concerns. And if you’ve been a victim of a job scam, speak up and share your experiences to help others understand the consequences of talking to strangers.

PhishBucket is a proud supporter of National Cyber Security Awaress Month. Please visit www.staysafeonline.org for more information.

Questions? Comments? Leave them below!

Comments

Add New Search RSS

The views expressed and the links provided on our comment pages are the personal views of individual contributors and do not necessarily reflect the views of PhishBucket.org.

3.26 Copyright (C) 2008 Compojoom.com / Copyright (C) 2007 Alain Georgette / Copyright (C) 2006 Frantisek Hliva. All rights reserved."

---

Tag it: