The Most Wonderful Scamming Time of the Year

Fraud Prevention
https://pixabay.com/illustrations/fraud-prevention-scam-corruption-3188092

As the holidays draw near, and the uncertainty around coronavirus and stimulus checks linger on, we may seek opportunities for jobs that seem to come just at the right time. But scammers are always on the prowl for victims, and with emotions running especially high this time of year, it is vital to remain vigilant. Your money is one of the most valuable assets to scammers, and they want as much of it as quickly as possible. 

Imagine the following: as a student with time between classes and holiday shopping to complete, you are in search of an easy, yet safe, temp job. Out of nowhere, you are emailed by a professor or a large company that they are seeking your time and talent. They have heard a lot about you, and want you to start working with them immediately. No interview is required! All they need is your resume and some personal info. They promise to pay you $350 per week for only 4 hours of your time, just some clerical work including finding prices for office supplies, purchasing some items from Walmart such as envelopes or gift cards, and even mailing items for their business. Once you secure the items, you are sent a reimbursement for your purchases, plus the additional money promised. They send you a check, you deposit it, and everyone moves on with their day. 

Except, a few days later, your bank says that your account has been overdrafted by $1,400. There must be some mistake, right? You just deposited a check that should have covered this amount, so there鈥檚 no way this is accurate. Except it is. The check you deposited was phony, and your bank account has been drained to cover the costs. You contact the employer who sent you the check, and their email is now unreachable, or they never get back to you. You have now become a victim of check fraud (to find out next steps, skip to the section on What To Do If You Are A Victim Of Check Fraud). 

How could this have happened? The opportunities sounded so perfect: work from home and put in a few hours for a large payout, the only qualifications being basic computer skills or some form of U.S. citizenship. The work would have been great for your resume as you were selected to work for a large company like Cisco, or a research office of the university. You were even invested emotionally, since this job claimed you were helping their disability office or that you could tutor their disabled child. 

This is a very real scenario and an ongoing scam that is currently affecting students across campus. Scammers know how to exploit our emotions, demanding we respond as soon as possible, promising easy work and quick cash, and even fooling us into believing that we are helping others or building up our resume. Their emails come during times of high stress, including holidays, new semesters, exams, and during our most uncertain times due to the coronavirus. They are adept at social engineering. 

The Information Security Office works to identify these emails and take action immediately, including marking them as spam or deleting them entirely. We block these scammers, but the reality is that changing email addresses is so trivial that once we block one address, more are used to continue the scam. Email subjects change, email bodies are worded differently, so it is easy to circumvent our filters. That is why it is important to make everyone aware of these scams and the tactics, techniques, and procedures (TTPs) that scammers use so that everyone can identify true opportunities from malicious ones. 

Here are some commonly observed tactics, techniques, and procedures used in job scams: 

  • Job opportunity promising fast cash, easy work, and little experience
    • E.g. part-time work at home, $300 for 4 hours of work (this is a $75/hour rate, an enormous rate for such easy work)
  • A guaranteed job without an interview (either because they claim to need help right away or claim they are in another country)
  • Emails from unknown senders promising you a job opportunity (especially if you鈥檝e never applied to their company)
    • E.g. an email from a 鈥淐isco鈥 hiring manager using a Gmail account, or an email for a tutoring position when you鈥檝e never told anyone online that you are a tutor
  • Emails from senders claiming to be a professor, but they are using a non-Case email address
    • E.g. an email from 鈥淧resident Scott Cowen鈥 using evesmith57[@]yahoo.com
  • Emails from a professor that does not exist
    • E.g. an email from 鈥淧rofessor Alice Doe鈥 from alicedoe103[@]gmail.com 

How To Spot a Potential Job Scam:

  • The company doesn鈥檛 exist. 
    A quick Google search can tell you if the company exists, and if the hiring manager exists.
  • You never applied for a job with that company. 
    If you signed up for job notices from LinkedIn or Indeed or similar sites, you should only receive emails about jobs from those sites, not from personal email accounts such as GMail or Yahoo.
  • You are asked to use your own money.
    A job promises reimbursement for spending your own money on office supplies or purchasing gift cards. These items are usually purchased by the company with their own budget; this should not come out of your pocket.
  • Spelling errors and poor English grammar.
    Typically, professional communications do not have misspelled words or poor English grammar. This is the first red flag that can identify if this email is legitimate or fraudulent.
  • Personal information unrelated to the job is requested.
    The email requests personal information that is unrelated to the job (including age, gender, birthdate, full home address, and other information that is often inappropriate or illegal for U.S. companies to ask for due to the potential for biased hiring)
  • The email was in your spam folder. 
    GMail filters emails to your spam folder based on information gathered from similar spam messages reported by other users. Although there are instances of a legitimate email being sent to your spam folder, chances are high that if it is in your spam folder, it鈥檚 because the email is spam, a scam, or even phishing. Don鈥檛 interact with these emails unless you are absolutely sure you were expecting it and that the email is legitimate.

Things to keep in mind when you see job opportunity emails: 

  • Is this too good to be true? Was the 鈥渉iring process鈥 too easy, and is the work paying out far more than would normally be expected? If it seems too good to be true, it probably is. 
  • Are there other students on the email Cc or To list? Scammers send these emails in bulk, and will often neglect to hide their recipient list. 
  • Think about this from an employer鈥檚 perspective: If you were a hiring manager or parent with a disabled child, would you hire someone immediately just from a quick glance at their resume, without so much as a phone call? Would you truly think that just from a resume and no interview, you can determine if a candidate is a great fit for your team, or that they are a trusted person to have around your child without first seeing if they are compatible with them? For legitimate jobs, the answer is always no.
  • Does this email match other scams seen? See previous Student Job Offer Scams seen in the wild at 星空传媒
  • Are you in some way being manipulated by this email? Social engineering, the art of human manipulation, is the main tactic used in these scams. Learn about social engineering and other security concepts to build up your security defenses. 

If you receive an email about a job opportunity matching some or all of the above criteria, what should you do? 

  • You can report it as spam or phishing and Google will filter the email to your spam folder. Reporting it as spam/phishing can also benefit other users by training Google鈥檚 filters to identify emails of this pattern as spam, which Google will then filter to their spam folders so they won鈥檛 get scammed. 
  • If you want to report it to the Information Security Office, you can email security@case.edu. This will notify our office so we can take immediate action to block the scammers and identify any victims. 
  • If you want to verify whether it is legitimate or not, forward the email to the Information Security Office and ask us to verify if it is legitimate. We can provide more insight into the email, and answer any additional questions about it. 

What to do if you are the victim of check fraud: 

  • Call your bank immediately and let them know that you are the victim of fraud, and the check you recently deposited was sent to you as part of a check fraud scheme. Work with them to retrieve any stolen funds.
  • File a police report with your local precinct or the 星空传媒 police department if it is safe to come on campus. This may be vital in getting your money back and proving to the bank that your case is legitimate. 
  • Inform your coworkers that a check fraud scam is going on to prevent them from falling victim. 
  • Contact the Information Security Office at security@case.edu so they can prevent the scammers from contacting you and prevent any other members falling victim.

--

Written By:

Katherine Starr
Information Assurance Analyst
星空传媒 Information Security Office