Santander has uncovered malicious campaigns that offer fake job opportunities, with scammers posing as headhunters and recruitment agencies on real job sites and platforms posting non-existent vacancies to trick victims into handing over money or personal information. Often, it is a ruse to gain access to employers’ systems.

An increasing number of fake vacancies and employers are popping up on social networks for professionals and job search websites every day. Cyber criminals entice their victims with the promise of an exciting role or additional income. These fake employers ask candidates to provide credentials or personal or bank details, click on links, download or install malicious files, or make payments.

Job seekers need to know what to look out for to avoid falling into the trap. In recruitment scams, cyber criminals seek to gain victims’ trust by posing as an employer (either anonymously or using a false identity) and sending private messages on social networks for professionals. Initial contact can also be through instant messaging, email, chat forums and other networks and platforms.

At Santander, we raise awareness of online security to protect our current and potential customers. Be wary of a potentially fake job offer or recruitment process if:

  • You didn’t apply;
  • The job is too good to be true (e.g. the salary seems too high for the required position, working arrangements are overly flexible, or there is no experience required);
  • You receive an urgent request; and
  • You’re asked to click on a link, share personal details (especially at the beginning of the process), provide credentials or bank details, download or install a program or file, or pay to be part of the process or for a training course.

Not sure if a recruitment process is real?

  • Before applying, check the offer in the “Work with us” or “Careers” section of the company’s website.
  • Dig through the website and social media profiles of the person or company that has contacted you to make sure that their details match the information you have received. Are they using a company email account or a free service? If their email address doesn’t feature the company domain, be wary.
  • Read reviews and comments. Search the company name alongside terms such as “scam”, “review” and “complaint”. You might find that some people complain of having had money stolen.
  • Contact the company on a verified telephone number or through its official website as opposed to the channels that the “recruiter” has provided.

If you suspect something, report it

If you spot suspicious contact on an instant messaging service or platform or social media, let the impersonated company or individual know about it.

If these attacks impersonate Santander or one of our employees, take screenshots of the messages you receive and send them to reportphishing@gruposantander.com. If you receive a suspicious email, you can also forward it to that address.  

You might like