I’ve just gotten off the phone with a victim of the scam that I’m about to describe. This is impacting a lot of folks, so please do spread the word. It’s infuriating. I’ll be around to reply to your comments below, but please do not engage in victim-blaming, because until you’ve actually been hit by one of these scams, you don’t know how convincing attackers can be.

As you already know, Defiant is a 100% remote company. We have been remote since 2015 when we first started hiring. Thanks to COVID, a lot of brick-and-mortar companies are now hiring for remote positions. There is a remote hiring scam that has rapidly gained popularity and works as follows:

The Attack

An attacker will post a job ad on a job board for a position. We have seen “Data Capturing” as one of the roles, but the roles vary. An interview is conducted. In the cases we’ve seen, it has been done via Skype direct message and there were two attackers who had a conversation with the victim. The first attacker posed as a kind of coordinator and went by “Jennifer Udin”. The second posed as a manager named “Antonio Wheeler”.

The victim gets the job. The “employer” (attacker) congratulates them and says that they will provide all required furniture and office supplies. The attacker then sends the victim a check which they are told to cash, and they’re asked to immediately buy furniture from the attacker’s preferred supplier. In the case we investigated, the amount paid was several thousand US dollars.

The victim’s bank will put a hold on cashing the check until it passes fraud checks. The victim spends the money out of pocket, on the furniture, in a non-refundable way. The victim is out of pocket thousands of dollars. And the “furniture company” is actually the attacker who now has the money.

There are several variations of this attack. The goal is to either get personally identifiable information (PII) from a victim or to get money. In all cases, the scam is based around an employment opportunity and a legitimate company is used as a vehicle for the attacker to scam the victim.

How To Avoid This Scam

We recommend you take the following steps to avoid this scam:

  • Go to the employer website and confirm that the job you’re applying for is actually an open position on their site.
  • Contact the hiring company using the published contact information on their website – either an email address or phone number – and verify that the role exists and that you are in the hiring queue.
  • As far as possible, do not apply on job boards. Instead, apply by navigating to the hiring company’s website and proceed from there. You may be directed to external HR sites like Workable.com, but you will be following links from the hiring company’s own website.
  • Never spend money out of pocket for a job application or for a new job you have just started. You may need to spend money out of pocket in the future because reimbursement has become standard practice among many companies, but this should be unacceptable for a position you have just started.
  • I have not encountered a company that only does interviews via direct message. COVID has changed the way we do business, so it is understandable that victims are assuming that direct-message interviews are part of that change.

Please share this information as widely as you can. This has had a significant financial impact on folks I have talked to, and their stories are heartbreaking. If you have been affected by this, please visit IC3.gov and report the crime.

Data We Have Gathered

The following screenshots and data were kindly provided to us by several victims of this scam. We have redacted sensitive information.

An introductory chat session:

 

An authoritative-sounding Jennifer gives instructions on visiting the “hiring company’s” website which is a real website. They add a time limit to add legitimacy.

 

Once the victim has been hired, they’re referred to a “training supervisor”.

This is the profile of one of the scammers. Probably a stock photo and plausible-sounding name.

One of the checks received by a victim:

 

The following is a transcript of a Skype direct message conversation between one of the victims and an attacker. Stacy is the attacker and Mary (not her real name) is the victim. Asterisks represent redacted information.

Stacy, 2:14 PM
Good afternoon

Stacy, 2:15 PM
How are you doing?

Mary, 2:26 PM
Good Afternoon

Mary, 2:26 PM
I am fine thank you

Mary, 2:26 PM
and you?

Stacy, 2:28 PM
I’m great

Stacy, 2:28 PM
I believe you are here and ready for the job briefing/interview?

Mary, 2:51 PM
Yes I am

Stacy, 2:57 PM
I am Mrs Stacy Morgan. The Interview manager for ******. Please introduce yourself and indicate your location.

Mary, 2:58 PM
Ms. Morgan, are you there?

Stacy, 3:00 PM
Yes we can proceed.

Mary, 3:21 PM
I am Mary ***** and I am located in ********.

Stacy, 3:23 PM
Next would be the briefing about the Job and the company. I advise you read with care. Just follow the briefing and you can ask questions when i am through. Let me know when you have finished reading and understanding every line. You will be allowed to ask questions later. With each line just respond with i’m through.

Mary, 3:30 PM
I’m through

Stacy, 3:31 PM
Here’s the company website www.******.com. You are required to use (Five) minutes of your time to glance through the website and read more about the company. let me know as soon as you are done so we can proceed with the briefing..Okay ?

Mary, 3:32 PM
Okay

Mary, 3:34 PM
I’m through

Stacy, 3:35 PM
Alright

Stacy, 3:35 PM
Primary Responsibilities are to perform general clerical duties to include but not limited to: Resolve customer complaints via phone, email, mail, or social media.

Use telephones to reach out to customers and verify account information.
Assist with placement of orders, refunds, or exchanges.

Take payment information and other pertinent information such as addresses and phone numbers.

Place or cancel orders. Inform customer of deals and promotions.
Utilize computer technology to handle high call volumes.

Can you handle that with appropriate training ?

Mary, 3:36 PM
Yes I can handle that appropriate training
I’m through

Stacy, 3:38 PM
The pay is $28 per hour, training is $18 per hour and will get payment bi weekly via direct deposit or paycheck, the maximum hour  you can work a week is 45 hours. If you are employed you are going to be working as a full employee.

You will undergo training from your training supervisor, The first phase of your training will be centered on your mini-office set up and handling of tasks/assignments which will be done intermittently.

In the second phase, trainees will imbibe a direct-stringent approach in getting themselves acquainted with their office equipment (software & hardware) and company’s payroll system. Also will they be assigned special projects to work on.

I believe that will not be a problem for you ?

Mary, 3:39 PM
No this will not be a problem
I’m through

Stacy, 3:40 PM
What means of payment do you prefer ? Direct deposit , Check , Wire Transfer ?

What Bank Do you Operate with to see if it tallies with the company’s official salary payment account ?
Note: I am not asking for your banking information.

Mary, 3:42 PM
Wire transfer…JMMB
I’m through

Stacy, 3:43 PM
BENEFITS : Benefits for eligible worker include: Health, Dental, Life and AD&D Insurance, Employee Wellness and 401k plans.Paid Time Off and Holidays with Generous Company Discounts.That counts after working 30days with the Company.

Mary, 3:44 PM
I’m through

Stacy, 3:45 PM
We are now on question and answer interview section. As soon as you are done answering any question, you are to write DONE…Understood?

Mary, 3:46 PM
Understood

Stacy, 3:47 PM
Alright good

Stacy, 3:47 PM
(1.) Are you seeking a part time or full time job and  are you currently employed ?

(2.) Do you have a printer, scanner and fax machine and what is your mobile carrier?

(3.) How would you describe yourself during work ?

(4.) Do you have an idea of how to use ms excel and  what is your typing speed?

(5.) At this company, we like to think of ourselves as a team that works together towards the same goals. How do you feel about working in a team environment?

Mary, 3:50 PM
1. Part-Time with the possibility of turning into Full-time. Yes I currently employed, but need something flexible. DONE

Mary, 3:51 PM
2. Yes I have a printer and scanner. ******* is my mobile carrier. DONE

Mary, 3:53 PM
3. I would describe myself as friendly, easy to get along with, laid back yet hard working. DONE

Mary, 3:54 PM
4. Yes I know basic MS Excel, would like to learn more and 40wpm. DONE

Mary, 3:55 PM
5. Working in a team environment is great, I would love working in a team. It allows for growth. DONE

Stacy, 3:57 PM
Very good

Stacy, 3:57 PM
(6.) What computer skills do you have and what programs are you comfortable using?

(7.) Do you prefer to work independently or on a team?

(8.) What is it like working for your supervisor?

(9.) How would you feel supervising two or three other employees?

(10.) What do you understand by privacy & code of conduct?

Mary, 4:03 PM
6. I am skilled with power point presentations, email communication, spreadsheets and research. I am comfortable with Ms power point, ms word, and I have recently started learning SQL. DONE

Mary, 4:03 PM
7. I do not have a preference. DONE

Mary, 4:04 PM
8. Working with my supervisor is great actually. He encourages growth and allows me to work independently when he sees it necessary. DONE

Mary, 4:05 PM
9. I have no problem supervising 2 or 3 employees, I would consider that support them rather than supervising. DONE

Mary, 4:08 PM
10. Privacy is important because this is respecting persons and company information by not divulging information,it goes hand in hand with trust. And code of conduct is how I would represent myself , my place of employment and treat my fellow team members.

Mary, 4:08 PM
DONE

Stacy, 4:12 PM
Brilliant

Stacy, 4:12 PM
I really hope the company can depend on you. You  have performed quite impressive.

I need you to hold back on online, while i go through  your answers to my question and discuss with the  rest of the recruiting team. Okay ?

I want you to keep an eye on your IM (simply  be alert). I will get back to you soon with the result of  the interview.

Mary, 4:15 PM
Yes I am okay with that. And I will be looking out

Stacy, 4:30 PM
I’m back

Mary, 4:31 PM
I am here

Stacy, 4:33 PM
Congratulations, your performance ensured you had a good score eligible for enrollment into our weekly routine training program. You scored 9.0 out of a possible 10. , you have just been confirmed qualified for this position
You are now offered the job position…you are HIRED!
You are welcome to ********
You are now given a chance to show your commitment,charisma,diligence and be a productive employee.

How do you feel now ?

I believe the company can count on your devotion?

Mary, 4:34 PM
I am happy, excited and nervous!

Mary, 4:34 PM
Yes the company can count on my devotion

Mary, 4:35 PM
Thank you and thanks to the recruitment team for choosing me!!!!

Stacy, 4:35 PM
You’re welcome

Stacy, 4:36 PM
To enable you sit for this job and position there are working equipment and software’s which are required for this job and position this is because you will be working from home as all expenses are handle by the company, so there for the company will be sending you a check, this check will be for the purchase of all the working equipment that you need as you will be purchasing them from the company local vendor, method of purchase and means of payment will be made known to you when the check get to you, as you will be getting the check asap. The check will include your advance training pay and sign on bonus. I believe you understand?

Mary, 4:36 PM
I understand

Stacy, 4:37 PM
In the mean time i need you to provide me with these information to enable the company’s secretary’s department put you into register. Full names, state, city, address, zip code and cell #

Mary, 4:38 PM
Full Name: Mary ***** ******

Mary, 4:38 PM
Our address layout is a bit different

Mary, 4:39 PM
Street: ******** Road

Mary, 4:39 PM
City: ******

Mary, 4:39 PM
Zipcode: ******

Mary, 4:39 PM
Cell#: ******

Stacy, 4:41 PM
Got it

Mary, 4:42 PM
Great

Stacy, 4:42 PM
That will be all for today, make sure you are prompt online 8am tomorrow morning so i can connect you to your training supervisor. Have a Great Day and Stay Bless.

Mary, 4:43 PM
Okay…no problem. And same to you

This attack is having an impact on real victims applying for roles that tend to be less senior. Please do spread the word. Let’s try to make this scam common knowledge, along with how to avoid falling for it.

Thanks to all the victims of this scam who kindly shared data with us and those who spoke with me on the phone.

Mark Maunder – Defiant Inc Founder and CEO.

The post PSA: Widespread Remote Working Scam Underway appeared first on Wordfence.

Read More at the Source