A cybersecurity firm advised job seekers to avoid clicking links from random numbers amid the still prevalent case of spam text messages.
In a release, Kaspersky stated that these text messages may be perpetuated by job scammers and other types of cybercriminals who are taking advantage of the high unemployment rate in the Philippines.
Citing data from the Philippine Statistics Authority, as of March 2022, the firm said that there are 2.87 million unemployed Filipinos.
There are also 7.42 million underemployed or those who have jobs but are still looking for other sources of income.
“According to a job report, about 49% of Filipinos are now keen to work remotely due to pandemic concerns such as health and safety. For scammers, this is a goldmine they just wouldn’t miss taking advantage of,” the cybersecurity firm said.
It also cited that most job scams in the Philippines involve the victim or the job seeker sending money to a fake recruiter for supposed “registration fees.”
Some scammers also offer victims “to get ‘commissions’ or ‘bonuses’ with higher returns as long as the victim tops up.”
Below are screenshots of smishing examples that the cybersecurity firm provided.
Trendmicro described “smishing” as “a form of phishing that uses mobile phones as the attack platform.”
Based on the images, the unsolicited messages offer high salaries in exchange for part-time or full-time remote work from unnamed senders.
Gretchen Ho and other Filipinos previously reported that they still receive such types of text messages nearly every day.
Some online users even shared that they have already blocked a lot of these numbers but the messages keep coming.
Do not engage
Kaspersky strongly advised against clicking or responding to these senders.
“Do not respond nor click on links if they come from people or organizations you don’t know. Replying simply confirms to the sender that your phone number is active,” it said.
The cybersecurity firm also urged the public to conduct their own research on the company, including its official websites, channels and contact information.
“Make an additional phone call to the company to ensure that the job offer is legitimate,” it said.
According to the firm’s own data, personal information such as name, birthday, phone number, and email address costs up to $10 if sold on the dark web.
Personal data can further be sold or traded to other cybercriminals and companies.
“Once in the hands of fake job recruiters a.k.a. cybercriminals, these data can then be sold or traded to other cybercriminals or companies. Scammers will also use these data to commit other cybercrimes such as identity theft or to infect your device with malicious software (malware) to steal more data stored in it,” Kaspersky said.
The following are more tips to avoid becoming victims of job scams:
- Limit job searches to official sources.
- Install a trusted security solution with fraud and phishing protection and follow its recommendations. This will solve most of the problems automatically and alert you if necessary. Remember, personal vigilance is not enough when dealing with sophisticated scam methods used by cybercriminals.
- Use multi-factor authentication (MFA). A common variant is a two-factor authentication (2FA) which often uses a text message verification code while a stronger variant includes using a dedicated app for verification (like Google Authenticator).
- Be wary of offers to discuss a job or hold an interview in secret chats where messages are encrypted, cannot be forwarded and which alerts the participants if anyone takes a screenshot.
- Report all SMS phishing attempts to designated authorities.