top of page

A recruitment candidate or a cyber-attack candidate?

Imagine this scenario, you have placed your CV and personal details online so that potential employers can find you and offer you a job. You are contacted by an employer or recruitment agency working on behalf of the company, you're asked to fill in a questionnaire and provide further information to go to the next stage.

You get the email you've been waiting for and you're offered the job, the job is abroad and you've been told your travel, visa and accommodation will be sorted for a fee.

When you pay one fee (eg: a visa administration fee), the agency will tell you about another fee that has to be paid (eg: a deposit on accommodation). In reality, the fraudulent agency makes none of these arrangements.

What’s more, the fraudsters may also ask for your bank account details to set up salary payments. They will use these details to steal money from your account.

In reality, there is no job and any fees paid go straight to the fraudsters. Victims may already have given up their previous job and made new accommodation arrangements.

Recruitment scam emails may not be the typical type of scam email you usually receive, however they are increasingly being carried out online through false job advertisements or via fake recruiters on sites such as LinkedIn.

During the peak of COVID19, the Office for National Statistics reported that the number of vacancies in small and medium-sized enterprises had declined by 48.9%. Cybercriminals have acted upon this and have utilised the opportunity to catch out those who are desperately looking for roles.

This is an example received just this week by a scam recruiter, we have anonymised the recipients details but this is an example of what to look out for.

Action Fraud describes Recruitment or Employment fraud as the following and have provided signs to look out for and what to do if you think you've become a victim of it.

"Employment fraud happens when a fraudster claims to be a recruitment agent, hiring you for a job – which can be in a foreign country - that doesn’t exist."

What are the signs of recruitment fraud?

  • The employment offer is for an international position.

  • Scammers ask for sensitive personal information for security clearance or immigration purposes before or during the interview.

  • Receiving an offer letter without completing an in-person interview or receiving a call formally offering you a position.

  • Scammers ask for money (e.g. for visa fees, immigration documents, a percentage of travel expenses) and request personal information such as passport and bank account details.

  • Check any documents for poor spelling and grammar – this is often a sign that fraudsters are at work.

  • Ask the embassy representing the country where you believe you will be working how to obtain a visa and how much it costs. Check that the answers the potential employer gave you are the same – if they’re not, it may be a sign of fraud.

  • Check the official records to confirm that the organisation offering you the job actually exists. If it does, contact the organisation directly through officially listed contact details to confirm the job offer is genuine.

  • Tell the employer that you will make your own travel and accommodation arrangements. Beware if they try hard to dissuade you or tell you that you have to use the agency they refer you to.

  • Beware, too, if the employer or agent provides a webmail email address such as @Yahoo or @Hotmail as a point of contact.

What should you do if you’ve been a victim of employment fraud?

  • Stop all communication with the ‘agency’ but make a note of their details and report it to Action Fraud.

  • If you’ve given them any money, contact your bank immediately.

  • Warn the operators of the website where you placed your CV that their site is being used by fraudsters.

  • Don’t give any more money to the scammers. If you have, then call your bank to let them know.


The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the West Midlands is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the West Midlands provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.


The Cyber Resilience Centre for the West Midlands does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the West Midlands is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page