With more companies hiring, online recruiting scams have reemerged, preying on job seekers and employers.

The Better Business Bureau tracked more than 3,000 recruiting scams in the first 10 months of 2018 with losses in the millions.

The online recruiting scam works this way: the scammer fraudulently uses a company's name and logo, and perhaps specific names of employees handling recruiting or human resources, to solicit applications from job seekers for fake jobs.

Many times, the companies are established, giving the scam legitimacy. Sometimes the solicitation comes by email, but most often it is posted on a professional or recruiting website, or social media platform.

Like most phishing schemes, the scammer's email address is similar to but not the same as the legitimate company's email address.

Fake Job Offers

Job seekers responding to the scammer's solicitation are offered fake job phone interviews, followed up by fake job offers.

As part of the supposed onboarding process, scammers ask for sensitive personal information, such as a Social Security number and bank account information for direct deposits.

Job seekers responding to the scammer's solicitation are offered fake job phone interviews, followed up by fake job offers.
In some cases, the scammers even ask the job seeker for money to run background checks, obtain certifications, or cover alleged advance costs of office supplies.

Because many jobs today involve remote or home offices, these types of requests do not appear wholly unreasonable.

What Should Employers Do?

In an effort to shut down this type of activity, employers should add a recruiting page to their corporate websites acknowledging the scams and clearly defining the company's current recruiting process.

Employers should also require job applicants to apply directly through the company's corporate website.

There, job seekers can securely complete an online application and/or upload a resume, references, and other appropriate items, and avoid the scammer's trick inviting them to email documents or use the scammer's link on a third party website or platform.

In addition, recruiting pages addressing these scams should state that the employer never asks a candidate for payment of any kind as part of the hiring or onboarding process and remind candidates not to provide sensitive personal information over the phone or by email.

If a company receives a call or email from an individual who has been scammed by a fake recruiter, the company should direct the person to the state's attorney general to report the scam, and also, report the scam to the business, recruiting website, and/or social media platform that might have been involved.

About the author: Kathleen Porter is an intellectual property and technology lawyer at Robinson+Cole where she is a member of  the firm's Business Transactions Group and Data Privacy + Cybsersecurity Team. This article was originally published on Robinson+Cole's Data Privacy + Security Insider blog.