Cybercriminals exploit WhatsApp for fake job offers: Sophos warns

Cybercriminals are using WhatsApp to send fake job offers. These messages promise attractive positions in renowned companies, high salaries, flexible working hours, and the possibility of working from home. Experts from Sophos warn, however, that messages about recruitment from unknown senders should immediately raise our alertness.

Scammers posing as recruiters tempt potential victims with promises of lucrative positions in popular companies, such as TikTok, that require little or no experience. People who express interest in such a job are asked to transfer a small amount of money to the account provided by the scammers. After the initial payment, the criminals start demanding personal information and further transfers, explaining that purchasing appropriate work equipment or conducting training is necessary.

Among the fake offers, ads might also promise relatively high salaries for performing simple tasks, such as watching short videos or "liking" posts. Victims who fall for these promises may give their data to the scammers but will not receive the promised job.

Frauds involving fake job offers are common worldwide, although they may be more intense in some regions. Often, such attacks happen just after a major data breach in a particular country. Cybercriminals probably use sets of phone numbers purchased from illegal sources or previously acquired during an attack.

In 2022, such an incident occurred when the data of nearly 500 million WhatsApp users fell into the hands of scammers. John Shier, Technology Director at Sophos, notes that criminals have access to many databases of phone numbers obtained in this way, which increases the likelihood of receiving a fake job offer.

Many of the signals indicating an attempt at fraud are similar to those of phishing messages. John Shier explained that the information about a fake job offer is aimed at evoking emotions in its recipient and prompting a potential victim to act quickly, including providing personal data or upfront payments. Job offers are often suspiciously attractive: promising well-paid remote work and related benefits or a flexible schedule. Cybercriminals also tempt victims by not requiring experience for the given position. At the same time, they rarely include details about the scope of responsibilities in their job offers.

To protect your data from falling into the wrong hands, first and foremost, do not click on links contained in a received "job offer." As John Shier explains outlines, if someone claiming to be a recruiter says they represent a company or agency, it is worth finding the entity's phone number or website and checking if the ad is genuine. Remember that companies looking for employees are unlikely to contact candidates via messengers. The exception is LinkedIn, where it is relatively easy to verify if the offer is genuine.

Similarly to phishing attacks, any suspicious message (not just on WhatsApp) should raise alertness, and all actions should be taken with common sense. If an offer seems too good to be true, it most likely is a scam.