Recently, members of the UCSB community have reported receiving offers for fraudulent job opportunities. The UCSB IT Security Operations team would like to provide some guidance to help users identify job opportunities that may be a scam. Regardless of whether you are actively job seeking, you may receive emails, phone calls, texts, or other notifications of potentially fraudulent job opportunities. There are a few things you should keep in mind if you receive a message that you believe could be a scam.


If it seems too good to be true, it probably is.
Fraudulent job opportunities often make claims sounding like they could be the perfect opportunity, from very high hourly pay rates to the option of working entirely from home. While this type of opportunity may exist in the real world, you should question these overtly ideal claims, especially if you have had no previous contact with the organization or person offering them.

No application or interview process? Probably not a real job.
The application process is extremely important for hiring managers, Human Resources departments, and job seekers. That process offers all parties the opportunity to determine if the candidate and the position are a good fit. Many fraudulent opportunities have wording to indicate that they are trying to "fill the vacancy quickly," and may skip the entire job application process. Emails about these opportunities may even be presented as "job offers" that require no application or interview, and simply ask you to reply with a resume or contact information.

If you are presented with a job offer but haven't applied for a position or interviewed, you should question the legitimacy of the offer. 

Keep an eye out for "spoofed" messages.
Fraudulent job opportunities are getting more sophisticated. Occasionally, scammers will disguise their communication source through a process called "spoofing," making the message seem like it is from a known, trusted source. This can apply to emails, phone calls, and even websites. Even messages that look like they come from another individual at UCSB, Handshake, or UCSB Human Resources may be spoofed.

Know when to give out your information.
If you are asked to supply any of your personal information - from an alternate email address or phone number to your Social Security number or personal banking information - that should raise some red flags, especially in an initial message from a potential employer. The information that an employer might need to move you through the hiring process, such as a phone number for a phone interview, would typically be supplied during the application process. If you receive an email asking for you to simply respond back with your contact information, and you've had no previous contact with the organization, the email may be a scam.

You should never have to give money to get a job.
If you are asked to send money or to use your own money to purchase supplies, the opportunity is most likely a scam. You should never have to give money to get a job, and only in very rare cases will you need to purchase your own supplies. If you are offered money in the form of a check or money order to purchase supplies, you should confirm with your bank whether it is legitimate before depositing it. Oftentimes a potential scammer will send you a fraudulent check and ask you to disperse the money to other individuals. Later, the check will bounce and your funds will be lost.

What to do if you have received a scam job posting?
If you think that you have received information about a job opportunity that may be fraudulent, we encourage you to send the email with the complete email headers to security@ucsb.edu. Our Security Operations team will be able to search for similar emails in our system and remove them. Then you can mark it as spam and safely ignore the message. Instructions on how to include the email headers can be found here: 
https://security.ucsb.edu/report-security-incident/report-harassing-or-unwanted-email
 
Thank you for being cyber-aware and visit us online!

#ucsbInfosec
#jobfraudUCinfosec