Cyber criminals are posing as recruiters and employers to offer people fake jobs in a scheme designed to steal money, personal data and trick victims into helping them commit money laundering.
Detailed by cybersecurity researchers at Proofpoint, the job fraud campaigns attempt to lure people in with the promise of upfront payments for simple jobs that can be done while working from home.
Nearly 4,000 of these email threats are being sent every day – most are sent to people in the United States, but Europeans and Australians have also been targeted.
SEE: A winning strategy for cybersecurity (ZDNet special report)
In over 95% of cases, the attackers are aiming at email accounts linked to universities and colleges, targeting students who are likely to be open to flexible and remote work opportunities.
Remote work has risen because of the COVID-19 pandemic, something that could make the approaches look less suspicious to victims. Some of the fraudulent emails even reference COVID-19 as a reason for the fake jobs being remote.
While the lure of making easy money from remote work sounds tempting, the attacks are designed to fleece victims – according to the FBI, the average loss for victims of