One new scam is causing a lot of headaches on a social network where this attitude is not so common: the LinkedIn. After being a victim of the scam, Thaisy Pecsén decided to use her profile on the platform to report the applied blow by fake recruiters.
See too: Banks carry out a campaign to reduce the risk of scams with Pix
see more
‘Permanence scholarship’ will combat evasion
Webinar debates ‘violence at school’
“I applied for some vacancies and a ‘recruiter’ called me on chat. I found the agility strange, but I thought it could be an automatic text. She asked some questions and sent me a PDF file with suspicious links and a presentation on behalf of a world-renowned company,” said Thaisy in the publication.
The scam is known as “phishing”, which uses a pun on the word “fishing”, practically common on the internet. Just like in the practice of fishing, scammers hope that victims will “bite” the bait thrown and fall for the scam. The attack is successful if the scammer manages to install a virus on the user's computer.
According to victims, the scam happens as follows: the supposed recruiter sends a link that needs to be installed on the candidate's computer. When clicking on the file believing it to be a detailed presentation about the vacancy, the user's computer is infected with virus.
To convey greater credibility, scammers use the same visual identity as real companies, even copying the names of open positions in the companies in question. After the victim notices that it is a scam, the candidate is blocked by the scammer's profile.
According to Thaisy, it was necessary “to access a link to download a file in the ‘.zip’ format, which, in turn, had others in the ‘.exe’ format. Who knows what kind of access they [the scammers] would have on my device.”
The first step is to avoid downloading files sent directly via email and chat by candidates as much as possible. “This is because it is more difficult to check the origin of the files that are sent”, explains specialist Lucas Lago, member of the Aaron Swartz Institute of Cyberactivism.
Additionally, use antivirus on both your computer and cell phone. It is important to be wary of publications that appear to be from recognized companies in the market, but that do not connect to an official website or email with their own domain.
Be aware if you receive an application response that requires you to click on a link to answer additional questions, especially if the questions are about personal information. Finally, be suspicious if it is not possible to verify the identity of the advertiser. To do this, search Google for the contact information provided by the recipient, such as email, business phone number and address.
