Fake job offers are harder to detect thanks to AI

The extraordinary deployment of new artificial intelligence tools in practically every corner of the Internet is having a host of consequences that are very difficult to measure. Technology is advancing much faster than we can imagine, and not always in the right direction. In recent months, for example, a considerable increase in the number of fake job offers generated by AI has been detected.

ExpressVPN’s cybersecurity specialists have long warned us about the danger of these types of fake offers, which have been in circulation in our country for years. In their simplest form, these fake offers seek to scam money from those who apply for them. However, the rise of the digital economy is diversifying the malicious objectives of the scammers who publish them day after day.

What are scammers looking for when posting fake job offers?

Broadly speaking, we can identify two main trends in the publication of fake offers. The first involves the direct theft of victims’ money using social engineering techniques. The second, on the other hand, is more sophisticated and involves the theft of personal data for sale on the dark web or for the impersonation of the victim’s identity: a crime that can be profitable in many ways.

Direct scams in fraudulent job offers

In their most basic form, fake job offers attempt to scam victims out of money directly, requesting payment prior to obtaining an imaginary job. In these cases, the advertised offer tends to be very attractive, with a salary that easily exceeds €3,000, and with hardly any training or prior experience requirements to be able to apply. Scammers seek to attract as many victims as possible.

When a person applies for this job, they will soon receive a positive response from the scammer. They will be told that their application is moving forward in the selection process, and shortly after that they will be asked for money as part of the process to obtain the job. The pretext for this request varies widely, but in general terms it is common to mention training expenses or visa processing as justification for this expense.

It is clear that the scammer keeps the stolen money as soon as the victim completes the payment, and that there is no job behind the offer. However, the scam can be even more serious if the scammer receives the payment by bank card or transfer. This allows them to steal the card details or create a false direct debit, thus increasing the amount stolen even more.

Data theft for online hacking

Another type of fake job offers simply seeks to collect data from CVs sent by applicants, which makes them much more difficult to detect. Direct scams can be easily identified as soon as the scammer asks the victim for money, but data scraping goes largely unnoticed on job portals, to the point that we do not have clear figures on the number of fake offers of this type.

The data we share on a CV is very comprehensive, so it is a real treasure for hackers, who can use it to try to breach our online accounts. Information such as our phone number or email address can be used to breach access to our social networks or our accounts on e-commerce platforms, which can have devastating consequences.

Even more serious are the ‘SIM swapping’ attacks that have been taking place in Spain in recent years. Cyber ​​attackers can request a scan of documents such as the victims’ ID, and use this information to impersonate them and obtain a duplicate of their SIM card. This gives them full control over their phone number, which is often linked to online banking applications.

What we should do to prevent data theft

There are numerous databases for sale on the dark web containing information stolen from millions of people, both in Spain and around the world. With the right combination of data, the right programming skills and a basic knowledge of social engineering techniques, hackers can steal all kinds of online accounts. Once users discover the hack, it is almost impossible to undo.

The best strategy is therefore prevention, for example by creating complex passwords to protect our online accounts against possible dictionary attacks, or activating two-step verification systems to protect our bank cards. In addition, we should limit the information we attach to each CV sent to a supposed job offer. You never know who is on the other end!

Click to rate this entry!
(Votes: 0 Average: 0)
Share!

Leave a Comment