Online Job Scam: Introduction

Report home | Read the report (PDF) | Next section


Job scams are as old as jobs themselves. In past years, con artists would put a bad job ad up, fool a job seeker into giving up their money, and then physically move on to a new city. Now bad job ads have moved onto the Internet, with devastating consequences. The very things that make the Internet so effective for job seekers — speed, convenience, and a nationwide job search from a computer screen — are the same things that make it effective for fraudulent activity. Job seekers and job sites have unfortunately been targeted with sophisticated triangulation scams that move rapidly and seamlessly through a selection of job sites from coast to coast in a matter of days.

In this report, The World Privacy Forum is publishing the first documentation of the detailed path of an online job scam as it worked its way across multiple job sites over the course of a year. The documentation of this scam, its evolution, and its devastating effects on the victims it has left behind provides the first clear longitudinal view of the scope, patterns, and severity of the online job fraud problem.

The particular scam documented in this report is not a “mom and pop” job. It is larger and more sophisticated than it appears on the surface. The footprints of this scam are documented and presented in the “Evolution of a Job Scam” timeline in Section IV. This scam is dangerous and has been perversely effective in defrauding its victims.

One of its victims got fired for simply being duped by the scam. Another person’s bank account numbers were stolen and used. As of June 2, 2004, the World Privacy Forum has confirmed that there is a worst-case scenario connected with this scam: a victim of this scam has been arrested, indicted, and now faces trial for criminal charges directly resulting from being apparently tricked by this bad job ad into forwarding money that had been stolen. (For a description of how the scam works, and why this victim was charged with a crime, see the “Payment Transfer” discussion in Section II.)

It is important to note that an indictment of a job fraud victim represents a sea change in the “grace period” job scam victims had been enjoying until now. Just as identity theft victims had to fight a hard battle to help people understand their plight, the same challenges now face job seekers victimized by slick, organized job scams.

The World Privacy Forum views this change in approach to victims as a tipping point for the job search industry. The stakes for correcting the job fraud problem have become very high, and this complex issue must now be addressed in the strongest possible manner that provides the most effective proactive protection to job seekers.

But getting rid of job fraud will not be simple or easy. Job fraud is a stubbornly complex issue, and it is deeply and subtly intertwined with challenging data privacy issues. It is also an issue that extends beyond online job sites to the entire job search sector.

For at least the past 11 or 12 years, the Net — more specifically the Web — has been home to hundreds of job sites and millions of job ads. Internet job distributor eQuest estimates that in 2002, it sent out over 24 million job ads to an array of approximately a thousand job sites [1]. Those ads represent many good opportunities for job searching.

The virtues of an Internet job search, in the hands of criminals, have become a nightmare for both the job seekers and the job sites alike. While in past years con artists just stole money from a handful of job seekers city-by-city, now computer con artists are stealing money, identities, bank account numbers, and SSNs across the nation with relative ease. Job scams are so effective in the online medium that it is nearly impossible to catch up with the criminals until after the damage is done.

Job sites, for their part, do not simply throw open their doors to let theives steal resumes or to post fake jobs. In fact, many job sites have been in the process of seeking strong solutions to the growing problem of job fraud for well over a year or more [2]. It should be noted that not all job sites have a history of fraud complaints, but many do.

Since November 2003, the World Privacy Forum has been conducting a study of job site scams and related resume database privacy issues. Researchers have been working to quantify the overall percentage of job scams on job sites, figure out how they operate, discover their patterns, and find ways of circumventing the scams. The point is to protect current job seekers as well as to create a research-based understanding of the problem the job search industry faces.

Part I of the study involves a longitudinal study of a single scam to discover long-term patterns of scam evolution and activity. Part II of the study focuses on quantifying the amount and type of job scam activity.

The preliminary findings of Pt. I of this report are both positive and negative. There has been improvement, but more needs to be done. The goal of this report is to help give consumers and organizations the information they need to begin to combat this complex, stubborn problem before there are any more victims.

As part of this report, the World Privacy Forum asked the largest job sites to respond officially with details of what they are doing right now to combat job fraud. This report contains their detailed responses in Section V, and it includes a timeline detailing each documented incidence of the scam described in this report (Section IV).

The World Privacy Forum made a good faith effort prior to the publication of this report to notify each site where researchers found and documented the fraudulent jobs.

A. Positive Findings Regarding Job Site Response to Job Fraud

* The largest job sites have already instituted mechanisms to allow consumers to officially complain about job fraud by email or telephone. These mechanisms need improvement, for example, on one site, a fraudulent job was taken down many hours after notification that it was a fraud. But at least mechanisms are in place to be improved upon.

* Many sites have instituted consumer education campaigns and consumer protection tips on their respective sites. This is a positive and proactive step, particularly when the tips are on each job ad.

* Sites are slowly finding effective ways of dealing with fraud through experience. Some smaller job sites have resorted to checking every job ad before the ads get posted. This is a labor-intensive process, but it is effective for smaller sites. Other job sites, such as, do not accept certain categories of jobs whatsoever, those for example being job categories that have had high fraud reports in the past. This deletion of problematic job categories is a positive step for consumer protection.

* Preliminary results indicate that job scams can be thwarted when consumers can readily find the names of the fraudulent companies the ads have appeared under. After the World Privacy Forum and the Privacy Rights Clearinghouse published a consumer alert on a job scam in December, the organizations received numerous phone calls and questions asking about the companies mentioned in the alert. In some instances, jobseekers were spared from being victimized by the fraud because they found the alert before they handed over a contract with bank account numbers and other personal details.

B. Negative Findings Regarding the Job Fraud Problem

* Job fraud online is a substantial consumer issue. Although researchers cannot fully quantify the percentages of the overall numbers of scams posted yet, the detailed timeline in this report is certainly an indication of the scope and breadth of how broadly just one job scam can reach.

* Reposting of known fraudulent jobs is a substantial problem at some sites. Some sites do not have effective methods in place yet to avoid reposting identical fraudulent job ads even after they have been taken down one or more times.

* Even the largest job sites, if working alone, would likely not be able to see the full picture of how widespread a particular fraud is or how it interconnects with other job postings. Because of their natural isolation from each other due to competition, job sites have been left with a nearly impossible task of figuring out how a fraud ring is operating by looking at the individual job ads at their site. It would be a far more effective strategy for job sites to work together in order to obtain a comprehensive view of fraud so that all iterations of a scam can be shut down.

* A technical finding is that RSS (Real Simple Syndication) job feeds will need to be tweaked for the job search environment if RSS continues to grow in popularity. (See Recommendations, Section I. c). * Preliminary findings indicate that banks have a role in preventing victimization in job fraud scams, but preliminary indications also indicate that the banks the victims of the scam this report documents have been caught unawares on this issue. Over the course of the eight months the World Privacy Forum has been closely tracking this issue, many if not most of the job scam victims reported to the World Privacy Forum that they called their banks and spoke to bank officials before proceeding with the scam, and were reassured by bank tellers and others that the scam was legal and fine. In some cases, bank employees reported victims to the police.

* Job fraud victims have not found good avenues of support as they search for information and help. They often do not know who to call, because they do not fall into the category of pure identity theft victims and they are often not sure of what has happened to them until after the fact. Sometimes, a victim’s first indication of a problem is that they are arrested after they have applied to a job, only later to find out was a fake. Much more needs to be done specifically for victims of job fraud.

C. Recommendations

* Job seekers need a mechanism that will allow them to gauge the trustworthiness and effectiveness of a job site’s protection against bad job ads. Currently, this does not exist. There is almost no transparency for consumers trying to make this kind of judgment.

* Job sites need to begin to work together to create workable and creative solutions to combat job fraud on a macro scale. Job sites working alone will be at a disadvantage, because the con artists have a pronounced pattern of working on multiple sites at once using different job ad names.

* The entire job distribution infrastructure needs to be involved in a solution to the job fraud problem. Just cleaning up job sites is not an effective strategy. Job distributors and their suppliers will need to be in the conversation for there to be any real and substantive change.

* Consumers must now be the focus of national education campaigns by job sites large and small, consumer groups, banks, and companies such as Western Union, PayPal and eBay. Now that victims are being charged with crimes, this is no longer optional.

* Many mid size to small job sites do not have the resources to effectively combat slick job fraud rings. This is a long-term issue that can be addressed at least in part by not allowing automated job postings to go up prior to the jobs being reviewed by a person.

* The goal is to never post any job scams. But given that some bad jobs will likely slip through, a fair fall-back position is to never repost a known fraudulent job. It should be an industry standard that this should never happen at any site.

* Banks must educate personnel about job fraud and how it victimizes people. Instead of turning victims asking questions over to law enforcement, victims should be given useful, accurate information about job fraud and scams before they take any actions that would hurt themselves or others.

* Job fraud schemes are dense and are nearly impossible for victims to figure out in enough time. Simple, easy to remember, and effective tips that get at the heart of preventing consumer harm need to be agreed upon by the job search industry and consumer groups, and all parties need to work hard to get this message out to all job seekers or potential future job seekers.

* If RSS — a technology that aggregates Web site content and allows people to read it offline — continues to grow in popularity, job sites will need to think about their RSS delivery and address the fact that job seekers still need to see the job fraud information they would ordinarily see on the Web site. This can be managed fairly easily. For example, CareerBuilder puts job fraud consumer protection tips on every job ad. Their RSS job feeds deliver only headlines and minimal information, so job seekers need to go to the site to see the rest of the job. This is positive, because the job seeker will also have access to the fraud prevention tips. Having consumer protection tips on every job ad is a good idea anyhow, but it will be even more important in the RSS environment where job seekers may not have seen much contextual site material about job fraud.






[1] EQuest Press Release “eQuest Surpasses 24 Million Job Posting Transactions in 2002.” <>. July 7, 2004.

[2] For example, in February-March 2003, sent out emails to its user base warning of fraudulent job postings. It and other sites added new or strengthened job fraud warnings to their sites at that time. See Associated Press “ warns jobseekers of ID Theft,” Adam Geller, February 27, 2003 documenting these events.



Roadmap: A Year in the Life of an Online Job Scam – A Longitudinal Study: I. Introduction


Report home | Read the report (PDF) | Next section