on January 10, 2009 by Wolf in Tech Security, Comments (3)

Scam Job Postings

There is a proliferation of scam job listings and direct-to-the-job-hunter emails coming into my test email box. You may also be getting a number of them. Below is an example of a potential scam job-ad email.

Strategy: Looking for IT-educated people who might be needing a job, and enticing them to send unnecessarily complete private info to a complete stranger. Why this works at all is that people who feel pressured to “get a job” are willing to suspend disbelief when anybody says they may be able to offer relief from this pressure. Consider the last time you were out of work. It gave a little relief to send out a resume to a job ad that appeared to match your qualifications, at least the first hundred times or so, and the Internet job boards appear to be so easy and so safe that you probably send out a dozen resumes per day and think nothing of how much of your marketing material (resumes and cover notes) is circulating in the inboxes of complete strangers.

This is ok to most people because a resume does not give out sensitive personal information any more than a sales flyer from the grocery store does. All it contains is a product description (your skills and experience) and approved contact info so you can sell the product (you as the perfect employee for their requirement).

The following email looked pretty good and if I were looking for a similar job, I might be tempted to send in my information.  The problem with it is that they are asking for the expected information at a funny time. [For ease of interpretation, I will put my comments on the possible signs of a scam in bold within brackets.]

LDAP Engineer

Thursday, January 8, 2009 2:13 PM [Email title and date are not unusual, and a person who was interested in LDAP might open the email from the stranger to see what it was about]

From: “Bill Williams” <wwilliams@somewhere.com>

To: “Bill Williams” <wwilliams@somewhere.com> [This email was sent to a hidden list of recipients. This lowers the odds that "Bill" was looking at your personal listing on a job board, and increases the odds that you are a member of a scavenged list] ["Bill Williams" is not the real sending email. I am pointing out the pattern]

Please take a look at the requirement from our direct client listed below. If you feel that you are a good fit and comfortable with the position please reply with you [mis-spelled 'your'] updated resume in word format.

Please list the following as well:

DL#:

DOB:

Pay Requirement:

[DL# is required after hiring for the I-9 immigration control form.  It is never required at the stage of "send your resume for consideration."  It connects a name and an official record that would be great for identity theft.]

[Prospective employers are not allowed to ask for your date of birth before they have offered you the job and you have accepted.  They are allowed to ask if you are 18 years or older.  An employer that asks, in a written application, for your D.O.B. is cruising for a lawsuit for prejudicial hiring practices.  This is another great piece of the identity-theft puzzle]

[Finally, by asking your expected income, the scammer knows the level of income you think you deserve, and this will let them know all sorts of interesting stuff about the level of scam they might be able to pull off in your name. Just a note: Even if this were a legit job offer, which I seriously doubt, giving a target income number before even an interview is plain bad negotiation on your part. Personally, I don't even bother to reply to ads that don't say the pay range involved. As the old saying goes, "The first one to blink loses." Since you are marketing a rare resource, your services, you had better price yourself at a place where you are happy to accept. If you wrote your resume well, they will offer to pay you more than you think is reasonable]

Thank you,.

Citizenship Required [citizenship in which country?]

Job will require candidate to be located in Richmond and Chester [What state are these cities in?  Virginia, California?  England maybe?]

Job Description: Advanced experience in Lightweight Directory Access Protocol (LDAP) design, development, documentation and testing with 7+ years. Must have demonstrated in depth knowledge and experience with LDAP administration, Sun Proxy Server, LDAP Replication Schemes, LDAP troubleshooting, SSL, Directory Integration and Solaris 10. Experience with PERL and UNIX scripting a must. Competent skills in MS Office Suite. Excellent customer service, oral and written communication skills. Ability to multitask and resolve multifaceted issues with creativity and minimal direction are required.  [This is enough like a real job requisition to be believable]

Responsibilities: Provide administrative support and maintenance of an LDAP enabled E-Directory service environment. This includes providing access to LDAP directory integration requests from various downstream application owners and individual users. . Problem identification, analysis and resolution. Responsible for effectively troubleshooting system and directory related issues. in-depth knowledge of messaging systems, system administration, architecture enterprise Identity management Experience a plus

Skills needed: MCSE [MCSE is a certification, not a skill]

Educational Requirements: College Degree or Equivalent Experience

Location: VA, VA – Richmond, VA – Chester Hours: 8:00am to 5:00pm [Well at least now we know the job is supposed to be in Virginia, so the citizenship question is answered as well]

[Bad spelling and difficult usage and unclear grammar may all point to an overworked, busy person, or a person who does not have enough respect for you to spell-check their message before they send it out.  What is important to look for is a style similar to the cover story of the stranger sending you the message.  This example email's errors are consistent with the average college educated person's errors in scenario 1 or 2 of this bracketed note]
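The warning signs called out in the bracketed comments above (sender and visible recipient are the same address, your own address is not among the visible recipients, and the body asks for DL#, DOB and pay requirement at the resume stage) can be checked mechanically. The following is an added example, not part of the original post; the function names, the regular expressions and the `jobseeker@example.org` address are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Constructed sample modeled on the email quoted above; addresses are placeholders.
SAMPLE = """\
From: "Bill Williams" <wwilliams@somewhere.com>
To: "Bill Williams" <wwilliams@somewhere.com>
Subject: LDAP Engineer

Please reply with you updated resume in word format.
Please list the following as well:
DL#:
DOB:
Pay Requirement:
"""

# Requests the post flags as out of place at the "send your resume" stage.
# The patterns are illustrative assumptions, not an exhaustive list.
FIELD_PATTERNS = {
    "drivers_license": re.compile(r"\bDL\s*#|driver'?s?\s+licen[sc]e", re.I),
    "date_of_birth": re.compile(r"\bD\.?O\.?B\b|date\s+of\s+birth", re.I),
    "pay_requirement": re.compile(r"pay\s+requirement|salary\s+expectation", re.I),
}

def body_text(msg):
    """Concatenate the text/plain parts, decoding any transfer encoding."""
    parts = msg.walk() if msg.is_multipart() else [msg]
    return "\n".join(
        p.get_payload(decode=True).decode("utf-8", "replace")
        for p in parts if p.get_content_type() == "text/plain"
    )

def scam_indicators(raw, my_address):
    """Return the sorted names of the post's warning signs found in a raw email."""
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    visible = msg.get_all("To", []) + msg.get_all("Cc", [])
    recipients = {addr.lower() for _, addr in getaddresses(visible) if addr}
    found = set()
    if sender and sender in recipients:
        found.add("self_addressed")      # From and To match: a mailing-list pattern
    if my_address.lower() not in recipients:
        found.add("hidden_recipient")    # we only got it via a hidden (Bcc) list
    text = body_text(msg)
    found.update(name for name, rx in FIELD_PATTERNS.items() if rx.search(text))
    return sorted(found)

if __name__ == "__main__":
    print(scam_indicators(SAMPLE, "jobseeker@example.org"))
```

No single indicator is proof on its own; the combination of a hidden recipient list with identity fields requested before any interview is what the post treats as the tell.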


3 Comments

  1. Scam Job Postings | Extreme Tech Analysis by Wolf | ozvl.com

    January 11, 2009 @ 7:10 am

    [...] Scam Job Postings | Extreme Tech Analysis by Wolf [...]

  2. Roger Amebury

    January 23, 2010 @ 7:34 pm

    Great Job, I’m not big into commenting but I couldn’t resist.

  3. Wolf

    January 24, 2010 @ 12:04 am

    @Roger, Maybe people could buy your fake certs to apply for fake job postings.
