skip navigation
skip mega-menu

The number of job adverts posted online is the highest since before the pandemic by over 150% (according to the ONS). As shown by the Office for National Statistics, there are more vacancies in the United Kingdom than ever before - ending the year with over 1 million. Such an increase in vacancies has flooded the market with job postings in various sectors.

Many cybercriminals are taking advantage of this increased activity and are creating fake job postings. These fake adverts aim to trick people into revealing personal/financial details or handing over money for phoney services.

Employment Scams

Cybercriminals are taking advantage of the hot job market and injecting job listings that look like the original job posting. ZScaler has found that attackers scrape and reuse the contents of actual job postings to convince applicants the post is legitimate.

Some scams can gather personal information from a prospective applicant, asking for critical information like name, date of birth, address, and national insurance numbers, which they can use to impersonate you and commit other offences. In addition, personal information could be used for any number of nefarious purposes, such as taking over victims' accounts, opening new financial statements or using the victims' identities for other scams.

More sophisticated scams take it even further. For example, once a person applies to a fake job listing, the attacker will reach out via a source such as LinkedIn and start a seemingly realistic application process, gathering more personal information from victims as they go. The next stage is an attacker conducting false interviews or asking for money for an initial training package or starter kit.

In the UK, Cifas members recorded almost 158,000 cases of identity fraud in the first nine months of 2021, equivalent to one person every 2.5 minutes.

How can you Spot a Fake Job Advert?

Look out for these red flags:

  • Interviews are not conducted in person or through secure video conferencing applications

  • Potential employers require employees to purchase equipment or transfer money to the business as a fee

  • Potential employers requiring credit card information of employees

  • Potential employers are emailing from regular domain emails, such as or

  • Non-standard domain names. Particularly: .online, .live, .xyz

  • Unsolicited job offers from companies with little to no presence on the internet

  • Job postings appear on job boards but not on their website

  • If you receive a job offer via SMS, report it to 7726

Advice for businesses Recruiting New Staff

As businesses continue to expand and grow, the need for new employees also increases. Unfortunately, with this comes the risk of cybercrime and fake job postings that can compromise a company's reputation and finances. 

Three key ways businesses can protect themselves when recruiting new employees:

  • Remove old job adverts when they close

  • Use reputable recruitment tools, job boards and companies

  • Provide clear communication channels for applicants to contact your company

By following these steps, businesses can help protect themselves and their potential employees from cyber threats and reduce the risk of cybercrime. Companies can also stay vigilant and educate themselves about the latest scams and how to avoid them.

Talk to us about Security Awareness Training for your staff and our Digital Footprint Assessment for a more in-depth understanding of cybercrime prevention.

Searching for a New Job? Here's how to Stay Safe

Best practices while searching for a new job include:

  • Reach out directly to the company through official contact information to confirm the job listing

  • Only submit job applications through verified sources like the company's official website or authentic job boards

  • If you are unfamiliar with a company, Google search the company name with the keywords "fraud" or "scam". You may find stories or additional information.

  • Never make any payment for a job application or job offer

  • Be cautious of conversations with unofficial company email address

Subscribe to our newsletter

Sign up here