Securing Our Communities: Interview Scams

Updated: May 31, 2019

Each week, the NTIC Cyber Center highlights a different social engineering scam impacting individuals and communities within the National Capital Region. We encourage everyone to share this information with friends, colleagues, and loved ones to help reduce their risk of becoming a victim of financial fraud and identity theft.

Interview scams, also known as video interview scams or chat interview scams, are a type of social engineering scheme in which the perpetrator uses fake job interviews to lure victims into providing their personally identifiable information (PII) or downloading malware. Although legitimate companies sometimes do conduct interviews using telecommunications software to save time and money or to interview candidates who are unable to meet in person, scammers appropriate this method to take advantage of ambitious jobseekers. They target victims using email, social media, professional networking websites, voice messaging services, and video chat platforms.

Interview scammers masquerade as recruiters or hiring managers and post fraudulent employment advertisements through email and career websites. Some scammers behind these schemes initiate contact with victims while others wait to let victims contact them. Unwitting jobseekers are then asked to reveal sensitive information that is typically requested by employers such as PII (for verification) and financial information (for tax withholdings and direct deposit). In other cases, they are tricked into downloading malware by opening malicious attachments that appear to be official hiring documents. In addition to causing financial and reputational damage to victims, this type of scheme also poses a national security concern as media reports reveal that a North Korean hacking group placed a fraudulent ad on LinkedIn, tricking a jobseeker in Chile into downloading malware. The group used the video chat application, Skype, during the interview and asked the victim to download, install, and run a malicious file disguised as a job application form. The malware then stole system information that was later used to compromise Chile's ATM network.

The prospect of new employment opportunities may lead excited jobseekers to experience a lapse in judgment. The NTIC Cyber Center provides the following tips to help our readers recognize the warning signs and avoid being victimized:

  • If you are using an online job board to look for employment, try to research the company posting the job ad by searching for an official website and seeing if the job is also listed under the site’s “employment” or “career” section.

  • Be aware that scammers may try to masquerade as legitimate employees or executives of an organization and will likely use industry jargon and organizational logos to try to fool victims. If you are unsure if a company’s representative is legitimate, place a call to the company’s human resources department to verify the employee and the availability of the job.

  • Scrutinize all requests to download any communication applications or plug-ins and make sure they are from verified and trusted providers. Never download files during an interview session.

  • Slow down and think before accepting impromptu and unsolicited interview requests. Most organizations plan interviews well ahead of time. While interview planning varies, it is better to be safe and reschedule an interview for a later date to give yourself time to do some research.

  • Pay attention to frequent spelling and grammatical errors in job postings and recruiter communications; they could indicate that the perpetrator is from a foreign country.

  • Immediately cease all contact with anyone who asks for banking information or fees before providing an official job offer.

Report all interview scams attempts to your local police department, the US Federal Trade Commission, and the FBI’s Internet Crime Complaint Center.

The NTIC is governed by a privacy, civil rights, and civil liberties protection policy to promote conduct that complies with applicable federal, state, and local laws. The NTIC does not seek or retain any information about individuals or organizations solely on the basis of their religious, political or social views or activities; their participation in a particular noncriminal organization or lawful event; or their race, ethnicities, citizenships, places of origin, ages, disabilities, genders, or sexual orientations. No information is gathered or collected by the NTIC in violation of federal or state laws or regulations.