Paul Phillips is the Global Head of Talent Acquisition & Total Reward at Avanade.
getty
Some time ago, a number of people arrived at our London office excited to be joining our company and ready to attend the onboarding training they had paid for and had been told was scheduled to begin that day.
Except, unfortunately, we had not hired them and there was no training.
Recruitment scams have been around for years. However, just like other forms of fraud, online criminals have become increasingly cunning and are using sophisticated technology tools that make it easier than ever to scam unsuspecting job searchers.
While many stories of recruitment fraud focus, rightfully, on those who have been scammed, it is an issue that our companies must confront head-on. Criminals posing online as our company present a direct risk to our reputations and, at my company, go directly against our code of business ethics.
This type of fraud is more pertinent than ever. People who have lost their jobs due to the pandemic and are forced to conduct their job search activities online may be more desperate to find a job and may not be as eagle-eyed as usual, making them more susceptible to fraud.
As head of global recruiting, I hear these stories all too frequently. In one version, scammers created a website that mirrors the branding of a company, then posted non-existent job openings on a careers page and waited for candidates to contact them through a bogus email address. In another, the scammers misappropriated the name and photo of the head of HR at a company they found on LinkedIn, created an email message with that company’s branding and reached out to prospective candidates with the news that the company was expanding and had immediate job openings.
No matter the variation, the scam is the same: convince the “candidate” to share personal information that then can be sold on the dark web or used to commit identity theft — or to hand over money directly, perhaps to pay for “required” background checks or pre-hire training. In one of the most brazen examples I have heard, the scammers asked people for their banking information so they could send money they could use to set up their home offices!
It’s easy to wonder why job searchers would be so easily fooled, but think about the elaborate security systems and ongoing training our companies must deploy simply to guard against basic email phishing attacks. By contrast, these scams can be startlingly complex. In one example I learned of, scammers went so far as to conduct fake online interviews with job candidates — with multiple people, for hours, culminating with an interview with a fake head of HR.
Often the company being impersonated doesn’t even know it. At my company, we have only learned about a scam using our name when a target candidate realized something didn’t seem right and reached out to us. Our recruiters are on the lookout for recruitment fraud and we are aggressively fighting back. Here’s how to help your recruiting team fight back, as well:
• Make sure your recruiters use only your technologies to conduct business. For example, we are a Microsoft shop. We don’t have Gmail addresses and we don’t use Google Hangouts. All recruiting activities, from initial outreach through to onboarding, is conducted within our HR technology framework.
• Add a statement or page to your career site that addresses recruitment fraud. That way, when a prospective candidate checks out your website, they will know your hiring process and can be reminded to check for fraud red flags. One of my favorite examples is Intuit’s recruitment fraud page.
• Make recruitment fraud education part of your recruiters’ tool kit. At your recruiting events, whether online or hopefully again soon in person, remind attendees how to protect themselves against recruitment fraud:
• Carefully verify the email address and listed website of any unsolicited recruiter outreach communication. A change of one letter is easy to miss when you’re excited, but it can mean the difference between a legitimate recruiter contact and a scam.
• Visit the company’s website and check out the jobs listed there. If the one you have been contacted about isn’t there, that’s a red flag.
• If you have any doubts at all, call the company directly and inquire about the job posting.
• Most importantly: never give out personal financial information, passwords or security numbers. Companies have secure ways to collect that information at the correct time.
As professionals, we have a responsibility to ensure candidates and potential candidates can trust our company’s hiring process. At my company, if we learn that someone has been scammed in our name, whenever possible, we look for a way to turn that negative into a positive. We may offer to help the person polish their CV or share suggestions to help with their job search.
There will always be scammers with ever-more ingenious ways to trick people into falling for their schemes. Our job is to do everything we can to stop them.
Forbes Human Resources Council is an invitation-only organization for HR executives across all industries. Do I qualify?
