Fraudsters may target universities for a variety of reasons, says an email security product firm. Students are likely more open to flexible, remote work opportunities; international students may not recognise tell-tale signs of fraudulent emails as well as native English speakers; and rising inflation and cost of education is putting the pinch on students’ finances, making the promise of quick cash more attractive, says Proofpoint.
The cyber firm says that employment fraud typically impacts individuals, and the results can be costly. According to the FBI’s Internet Crime Complaint Center, the average reported loss from this type of scheme in the United States is $3,000.
The covid pandemic has made this threat worse, the firm warns, as many employers have shifted to remote work, and the concept of working from home is more expected and desirable. In fact, some identified threats will reference covid-19 as part of the job description or reason for being remote.
Sherrod DeGrippo, Vice President, Threat Research and Detection at Proofpoint, said: “These types of threats can cause people to lose their life savings or be tricked into participating in a criminal operation unknowingly. They are very concerning for universities especially, and Proofpoint detects and blocks thousands of employment fraud threats weekly that could harm their students and faculty.”
Apparent legitimacy of emails and job opportunities varies – some fraudsters use legitimate branding, proper spelling and grammar, and real roles at spoofed organisations. Also, the threat actor may use spoofed or compromised email addresses to send the fake recruitment email, especially posing as university career centres or job placement specialists.
In a blog, the cyber firm gives the examples from earlier this year it found of emails purporting to recruit university students and staff to an executive personal assistant role at the United Nations Children’s Fund (UNICEF); and of a pretence to recruit college students for an alleged modelling job in Los Angeles. Before engaging via chat, that threat actor sent over a “contract” to further convince the recipient the job offer was genuine.
Signs of a fraudulent job offer may include:
An unexpected job offer received from a freemail account such as Gmail or Hotmail spoofing a legitimate company;
Nonexistent or overly simplistic interview questions with little to no information about the job duties;
Receiving a “paycheck” almost immediately after beginning a discussion with a sender;
A sender encouraging a recipient to switch to a personal email or chat account to discuss the job opportunity;
Language such as requesting a “quick task” be completed, especially if it involves sending money via mobile applications or Bitcoin addresses.
For the blog entry in full, visit https://www.proofpoint.com/us.
See also the firm’s ‘State of the phish‘ latest annual report.
