Home » How Companies Can Respond To The Surge In Job Scams – Privacy Protection – United States

How Companies Can Respond To The Surge In Job Scams – Privacy Protection – United States

To print this article, all you need is to be registered or login on Mondaq.com.

The ubiquity of remote work and online hiring has led to a sharp rise in job scams across industries. In
these swindles—sometimes called employment scams or recruitment
scams—fraudsters impersonate job recruiters from real
companies and convince job seekers, who have often posted their
résumés on job recruiting websites or social media
platforms, that they are taking part in legitimate recruitment
processes or have landed jobs, which are in fact phony and
nonexistent. Usually communicating through email or text message,
the fake recruiters induce victims to hand over personal
information, cash bogus checks, or send money for training or
office equipment.

These are profitable crimes. The financial losses of job scams
swelled when the COVID-19 pandemic hit, from $174.2 million in 2020
to $209.1 million in 2021, to $367.4 million in 2022, according to the Federal Trade Commission
(FTC), a 110% increase in just two years.

Job scams may grow more common with the rapid adoption of chatbots that can mimic human-conversation.
These programs may make it easier for malicious actors whose first
language is not English to converse convincingly with
English-speaking victims. (For a discussion of this and other legal
and business risks of chatbots and generative artificial
intelligence, see WilmerHale’s recent client alert.)

In addition to the victimized jobseekers, these frauds harm the
impersonated companies, by tarnishing their brands and harming
their reputations in the contest for talent, all while creating
significant distractions and unplanned costs. Every case is
different, and a business should work with counsel to respond to
the circumstances of each situation. But in general, companies
should consider the following key steps when responding to a job
scam incident.

  • Act Quickly. Malicious actors are
    likely to keep at a fraud so long as it is successful, and to
    desist and move on to the next victim if the company or law
    enforcement take steps to impede the swindle.

  • Speak Out. To warn potential victims
    of the fraudulent activity, companies should consider posting a
    public statement advising jobseekers of the fraud to their
    websites, social media accounts, and profiles on recruiter
    websites, such as LinkedIn, Indeed, and ZipRecruiter, once they
    learn of it.

  • Report Impersonation Accounts.
    Fraudsters often set up webpages and email accounts that
    impersonate a legitimate company’s website to give the scam a
    believable gloss. For example, a fraudster targeting
    XYZConsulting.com may create the website XYZConsultingJobs.org, to
    which it can lure victims for their “job interviews.”
    Impersonation campaigns often infringe on a company’s
    intellectual property and violate the domain hosts’ terms of
    service. Businesses, either on their own or working with counsel,
    can usually have these impersonation sites taken down by filing
    reports with the web or email domain hosting companies. Likewise,
    companies should report phony job posts to job recruitment websites
    or social media platforms.

  • Keep Records. Companies should hold
    on to documentation both of the scams and the financial harm caused
    by the scammers to jobseekers and the company.

  • Contact Law Enforcement. The FBI is
    responsible for investigating job scams, and companies, either
    directly or through counsel, should consider reporting job scams to
    the FBI’s Internet Crime Complaint Center
    (“IC3”) and directly to the relevant FBI field office.
    Law enforcement may ask for the documentation both of the scams and
    of the financial harm caused by the scammers to jobseekers and the

  • Send Cease-and-Desist Letters.
    Companies may choose through counsel to send a cease-and-desist
    letter to the malicious actors directly.

The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.

POPULAR ARTICLES ON: Privacy from United States

CPRA Regs: 8 New Obligations You Need To Know

Frankfurt Kurnit Klein & Selz

Over the prior year, we’ve received numerous questions about what obligations the CPRA Regs will add to the underlying statute. On February 14, the CPPA, California’s new privacy regulatory agency…

Data Privacy And Security Report: February 2023

Holland & Knight

Welcome back to Holland & Knight’s monthly data privacy and security news update that includes the latest in policy, regulatory updates and other significant developments.

The Blueprint For An “AI Bill Of Rights

Arnold & Porter

More and more, artificial intelligence (AI) and other automated systems make decisions affecting our lives and economy. These systems are not broadly regulated in the United States…