Phishing for a job?
Vatsal Sonecha, Columbia
Phishers have no shame. When the economy tanks, people lose their jobs and online employment websites are flooded with activity – legitimate and illegitimate.
Résumés are a rich source of personal information that can be used for identity theft, or for spear phishing attacks that target individuals for their logins, Social Security numbers and bank accounts. A growing number of fraudulent job offers promise employment, but deliver only identity or financial theft.Attackers are taking advantage of the fact that job hunters are anxious to please a potential employer. Growing desperation may override normal caution. So, it's urgent that web surfers keep their common sense fully engaged, especially during a job search.
First, protect your logins. Use a different account and password for job sites. Never give out the password.Next, investigate offers before providing information. Be wary of listings that use
Hotmail or Gmail accounts, listings that don't provide company information, or jobs that promise high salaries for little work. It's also important to flag or report fraudulent postings. Sites like Monster.com, LinkedIn and Craigslist are actively working to prevent and deter fraud.
Further, don't give out personal information quickly. You should be far along in the process, ideally in the employer's HR office, before you provide your SSN or bank account numbers.In addition, only “friend” people you know on social networks. Thieves are starting to take advantage of the more open nature of social networks to gather personal information.
In sum, be phishing-savvy and protective of your personal information, regardless of what online sites you use. Take a skeptical approach and recognize that if an offer or a job sounds like it is too good to be true – it probably is. Identity theft can be devastating – especially when you're unemployed – so protect yourself by incorporating these steps.
