Hiring Practices to Prevent Scams

Every day, I see another post about someone falling for a recruiting scam. Many of these scams follow the exact same patterns you'll see on marketplace scams, and the same red flags that pop up else where, apply in the recruiting space as well. (I'll drop the full post in comments as well). 1. A very common scam is someone sending money, and then asking you to transfer a portion of the money back to them, or to someone else. On FB marketplace or Craigslist, this looks like someone sending you more than they owe you, realizing their "mistake" and asking you to Zelle them back the difference. Zelle is used because it transfers immediately and Zelle gives warnings on this for that reason. Any sort of wiring of money would also fall into this category. 2. PLEASE look up the company and the job. In this case, the company in question wasn't on LinkedIn, the employees in question aren't on LinkedIn, a Google search shows the company is a small operation in Canada, yet the communication was coming from the US and abroad. The company has no jobs listed on their website. These are all major flags that something is amiss, and you should do more research or reach out to the company directly before communicating with whoever is contacting you. 3. A text/chat interview will always be a scam. Always. There's a .01% chance it's legit (which I say only because I know someone is going to comment that they have done text interviews and it was legitimate) but the odds are so low you're far better off assuming it's a scam. 4. Reputable companies will never ask you to pay anything. In this case, the individual received a check (which turned out to be bad) and then was asked to pay a portion of that check to another employee. There's no logical reason for a company to use you as a go-between; they can transfer money to their own IT department or vendor. 5. Did you even apply for the role? If a company contacts you claiming you applied for X role but you have no recollection or confirmation that you applied for said role, it's a scam. 6. Double check the recruiter and company any time you're reached out to by a recruiter (and if they reach out via text, it's a scam). Reputable companies and recruiters will either DM via LinkedIn from a profile that is established, has a profile picture, is attached to the company they claim to represent, etc. Or they will email you from a profile with a domain that matches the company they claim to represent. You will be able to find them on LinkedIn. Some fraudulent companies will create websites and LinkedIn profiles. They will create domains similar to legitimate companies. But eventually you'll find a disconnect. Jobseekers are very susceptible because you desperately want to find work so you want to believe that the opportunity is real. But trust your instincts. Do your research. If it seems too good to be true, it is.

Thoughts on the “scammer” job postings and recruiter outreach: NOT LEGIT: Those texts or emails you get from someone who doesn’t have a corporate email address. For example, no Amazon recruiter is going to email you from a joe.smith.amazon@gmail.com type email. It’s going to be an amazon.com domain. No one is going to text you with a job offer without any interviews or conversations either. NOT LEGIT: Any company asking you to purchase their software or computer to work for them. I've never, ever heard of this in a legit situation. LEGIT: Asking for the last four of your social, and/or your month and day of birth. Many systems into which agency recruiters must submit your resume require this information. To dig in: Ask the recruiter what VMS (vendor management system) and MSP (managed service provider) is involved. They should have a quick and direct answer to both. NOT LEGIT: Asking for your year of birth or your entire SSN. In my experience, you never need to provide that info until you have an actual job offer and need to provide this for a background check and onboarding. GRAY AREA: Asking for a resume and not having a full job description. I've worked on, and filled, plenty of jobs that never get a full, formalized job description. However, in the conversation I had with the candidates, I was able to explain why the manager had not come up with a job description yet and why we were working on the req in that way. Also, I was able to provide the client company name (next point). MOSTLY RED FLAG: Recruiter not sharing the end client name when a candidate asks. I'd say less than 5% of the time clients will ask us to keep the company name confidential. The rest of the time we share the client name once we connect with the candidate. A legit recruiter will always do so - why, they don't want to waste their time or yours if you've already been submitted or have applied to the company. Unless the recruiter has a really valid reason for the company name being withheld, I'd probably not work with a recruiter who can't or won't provide this info. GRAY AREA: Recruiter not being willing to share pay rates. Unfortunately, this is based in the mystique of "they who speak first loses" in salary negotiations. Many recruiters are trained this way, or mandated to work this way. The job could be legit. I'd love to say this is a red flag, but you could be missing real jobs here. NOT LEGIT: An AGENCY recruiter calling you with an interview with their client when you have never corresponded with anyone from that agency. MAJOR red flag and not an agency you want to work with - or it's a complete scam.

Beware of recruiters approaching you via unofficial emails and / or asking for sensitive information. It has come to our attention that there have been reports of scammers who are impersonating recruiters from companies, such as Datadog, to deceive prospective job seekers. These scammers may use the names of real Datadog employees but operate from non-Datadog email addresses. All Datadog recruiters will only contact you from their @datadoghq.com email address or their LinkedIn account, with their name and contact information clearly visible. Be cautious of messages from other platforms and unofficial email addresses or suspicious phone numbers, especially if they urgently request personal information. For more details about the Datadog candidate experience and on recognizing and reporting scams, visit our FAQ: https://lnkd.in/eHPghDFd

Red flag alert: these are things a company should never ask for upfront. Before the interview. Before the offer. Before the background check. - Your Social Security Number - Your Date of Birth - A copy of your driver’s license - Your full mailing address - A recent photo of yourself If you're asked for these early in the hiring process, it’s a no. Scammers are getting smarter. Some sketchy companies are too. You should never have to give away personal data just to apply for a job. And if someone pressures you? That’s your sign to walk away. P.S. Ever had a “this feels off” moment during hiring? Tell us what tipped you off

Cybersecurity is not just a technical issue, it’s also an economics and people issue. On the latter, the latest research from our Counter Threat Unit (CTU), now part of Sophos from our Secureworks acquisition, further reinforces that position.   CTU has been tracking the North Korean IT workers scheme - which has been in operation since at least 2018 - as NICKEL TAPESTRY. Recent findings show this campaign has expanded beyond U.S. tech firms into Europe, Asia, and industries including finance, healthcare, and cybersecurity. These actors are applying for remote roles using AI-generated resumes, falsified identities, and cloned online profiles. Their goals range from salary diversion to data theft and extortion. In 2025, CTU observed a shift toward targeting cybersecurity roles and using more diverse personas. Given the level of trust and access that cybersecurity companies generally have, this becomes a large-scale keys-to-the-kingdom problem.   This is not just a cybersecurity concern, it’s a general hiring hygiene concern. HR and recruitment teams are now enlisted in the front lines of organizational risk controls. Our nutshell recommendations: - Enhanced identity verification during interviews - Live or video validation of candidates - Monitoring for cloned resumes and VoIP-linked contact info - Control of remote access tools and BYOD usage post-hire   This is a persistent, evolving threat. Organizations must adapt hiring and onboarding practices accordingly. Our full report: https://lnkd.in/gcruvt67

I got a job offer by text. All I had to do was send them my bank account number so they could wire me money to buy a computer. SCAM. Big, bold, dirty scam. Someone else I know got a job offer and was sent a check in order to purchase office equipment. Right after they deposited it, they were told they’d been sent too much and needed to return part of the funds. SCAM. Nasty. Brazen. Ruthless. Another person was told that the company was going to send them a computer and wanted to know when they’d be home. SCAM. Scary. Creepy. Dirty trick. These scammers are busy and getting better by the day. And they’re preying on EVERYONE, including job seekers, who are are at their most vulnerable. Here are some major red flags to watch for: ⛔️ Job offers don’t just show up via text, no matter how hard you’ve been praying for a new job! You’ll NEVER be hired without at least two conversations; one with a recruiter, one with a hiring manager. ⛔️ You should NEVER have to buy anything to “start working.” Not a laptop. Not software. Not supplies. EVER. If anyone asks for your bank info before an offer is signed—BLOCK and REPORT. ⛔️ Sending fake checks that look legit. Then claiming they “accidentally overpaid” you. So you send part of the money back… Then BOOM: the check bounces, and you’re stuck owing the bank the full amount—PLUS the money you sent back. Please don’t fall for it! Three tips to help you avoid falling victim: 1️⃣ Vet the recruiter’s email address and credentials. Typically the scammer email address looks suspicious. 2️⃣ Only share info with verified sources. Don’t answer questions or provide any information until you’re sure. People are most vulnerable and trusting when they’re job hunting since we’re so used to providing a lot of personal information to our employers. 3️⃣ Take your home address off your resume. Add your LinkedIn profile instead. Resume databases are a goldmine for bad actors. Stay safe out there. And share this with everyone you know. You might save them more than just money.

Over the past few months, my LinkedIn feed has been full of people open for work; I know how challenging the job market is. At the same time, my TikTok feed has been full of victims who have received job offers, only to find it was a scam after either giving them personal data or worse, having money stolen from them. For those of you in the job market, I want to offer a few tips: -- If someone reaches out to you directly about a job, do everything you can to verify that they are employed by the company or search firm they claim to be. Check their LinkedIn profile to make sure they have verified their workplace (Verifications are located directly under the summary section). Make sure the email address they provided has the correct company domain; check the domain spelling carefully. --If someone reaches out to you about an entry/mid-level role that typically has many qualified applicants, be suspicious. In this job market, those are not roles where recruiters need to actively recruit; they can find great candidates simply by posting the role. -- When applying for jobs directly, try to do so from a trusted source (e.g., the company's career site, LinkedIn.) Be wary of small career sites. If you find a job posted that looks interesting, check on the company's career site to see if the role is posted there. If it's not, walk away. -- NEVER give personal data (e.g., date of birth, driver's license/passport/social security number, etc.) over the phone or through a non-secured email exchange. --NEVER EVER transfer money or use your own funds to purchase anything needed for the role. They often "wire money" or send you a check to deposit in your Zelle account that ultimately bounces after you have transferred funds back to them. A legitimate company will ship required equipment to you directly. If you are asked to go buy it, walk away. -- If the job sounds too good to be true, it probably is. If you get the sense that something is off, don't be afraid to visit the company website, find a email address for general inquiries & ask them to verify that the role is legitimate and that XX recruiter is working on it. Job scams enrage me because criminals are preying on incredibly vulnerable people who can't afford to lose money. I know the emotional toll job hunting can take on a person. To think you have finally made it to the other side only to realize it was all a con is gut wrenching. I don't usually ask this, but please share this on your feed and add additional tips that I haven't mentioned. Recruiters are a community; we have to look out for job seekers, treat them with respect, and help them find real work.

I spoke with a promising candidate yesterday who recently had a troubling experience with a fraudulent agency. After going through what appeared to be a legitimate interview process, he was offered a position and accepted it. This is someone highly qualified—an individual a former colleague of mine had successfully placed multiple times in the past. Unfortunately, things took a turn when the supposed employer requested his bank routing number to set up direct deposit. Sensing something was off, he wisely provided details for an account that only had a few dollars in it. Sure enough, that small amount was withdrawn the same day—confirming his suspicions. This serves as a strong reminder: never share sensitive personal or financial information until you’ve thoroughly verified the legitimacy of the company. Authenticate in multiple ways—check their LinkedIn presence, read reviews on Glassdoor, consult with someone you trust, or ask to speak with someone in HR. Hopefully, situations like this are rare—but it's worth staying vigilant.

🚨 PSA to those currently seeking new employment🚨 PLEASE do your due diligence on the jobs you are applying to. It's come to my attention more and more that there are fraudulent jobs being posted on job search sites like Indeed, among others. Jobs that don't really exist, being run by individuals that don't work for the companies they are posting the jobs for. Often times these are jobs that are likely to generate a large number of applications. Remote capable, entry or junior level, etc. Those individuals are then reaching out to applicants with fake interview requests that include direct deposit forms... 😡 As if it wasn't stressful enough already to be hunting for a new job... Here are some things to keep in mind to avoid getting scammed by a fake job. 1. ALWAYS cross check the job posting with the company's careers page. If the role isn't posted on the company's careers page, trust me, it won't be posted on a external job board. 2. It's not enough just to cross-check titles. You should also cross-check the job descriptions to ensure they are the same. 3. I've NEVER heard of a company sending a direct deposit form to a candidate who is interviewing for a role. If this happens, it is a scam. 4. Companies will NEVER ask you to sign up for the signal app in order to communicate during the interview process (yes this is another example I have heard recently). 5. If you receive an outreach message, it's always a good practice to check here on LinkedIn if that person actually works for the company. Recruiters, in particular, typically have well built out LinkedIn profiles. If you receive outreach from someone with a sketchy profile, I would exercise caution. #Hiring #Talent #JobSeekers