All
Contracting
Contractor Finances
Freelancer Finances
Freelancer News
Freelancer Services
Guide to Freelancing
HR Guide for Employees
IR35
IT Career Advice
IT market trends
IT news
IT Skills
IT Training
Opinion

Techies told to report LinkedIn thread hijackers, CV spam, and spoof jobs

9 min
144
0
0
Published on

Free-Work readers and other tech job board users are being preyed on by scammers, phishers, and allegedly, ‘spray and pay’ recruiters.

In three separate hiring spoofs, IT job candidates were bombarded with CVs, sent fake WFH jobs, and had their LinkedIn comments hijacked.

Out of these three tech recruitment ruses detected last week by Free-Work, it is the LinkedIn hijacking that appears to be the most sophisticated.

‘LinkedIn must do more to police its platform’

Shown the details of the hijacking yesterday, Reed, the staffing giant, signalled to Free-Work that LinkedIn ‘must do more’ to police its platform.

The point of difference with the murky activity on the world’s largest professional network is that it doesn’t begin in inboxes, as many job scams do.

Instead, the scammer (or ‘phisher,’ which a lawyer says more accurately describes the perpetrator) finds a post that the LinkedIn user has started, or commented on, and replies.

That immediately gives the impression of authenticity, as users of LinkedIn replying to other users, even when they are not connected, is commonplace.

‘I’m really impressed, and I’m recruiting for a senior [insert victim’s skill] role’

Based on the wording of the reply, it seems that the user’s profile or their ‘headline’ outlining their IT skills, is checked by the phisher.

Near victim Elaine Richardson, a Senior Business Analyst, says she was left the following comment in a LinkedIn thread she’d contributed to: 

“Just been reviewing your LinkedIn profile, and I'm really impressed. I'm recruiting for a senior BA -- at Deloitte.”

‘An outside IR35 position that’s very well compensated’

Showing an awareness of the off-payroll rules, the reply continued: “It’s an entirely remote position…outside IR35. And very well compensated.”

The first tell-tale sign something was off was that the ‘Deloitte recruiter’ spelt the company’s name “Delloite.”

The second tell-tale sign came when Richardson says she clicked on the recruiter’s name in the hope of viewing their LinkedIn profile.

‘A zero-LinkedIn connections recruiter – for Deloitte; apparently’

“I checked the profile of the ‘recruiter,’ and although it showed a few reposts of Deloitte news items, they had ZERO connections,” Richardson told Free-Work.

“I don’t know how anybody is supposed to believe you are a recruiter if you have no LinkedIn connections whatsoever. At least make an effort!”

Richardson says she further “sniffed [out it was] a scam” due to feigned urgency.

Specifically, the ‘Deloitte agent’ claimed that the “position application” (the two words were juxtaposed) “is due to close in under an hour -- so get back to me soon.”

‘Satisfy oneself of the bona fides of an invitor’

Despite Richardson being right to “satisfy oneself of the bona fides of an invitor, before responding” advises Egos, a legal firm, ‘scam’ is overdoing it.

Not that the more accurate ‘phishing’ is an easier activity to stamp out, hints Egos legal consultant Roger Sinclair.

“It's hard to see how additional regulation could effectively address this [unwanted activity on LinkedIn].

“Because in my eyes, rather than a ‘scam’, this is a phishing attempt.”

‘If it looks too good to be true…’

Mr Sinclair continued to Free-Work: “Whether the invitation is to apply for work, or simply to connect [on LinkedIn], if it looks too good to be true, it probably is.

“And for someone -- with zero connections -- to make such an approach on LinkedIn, claiming to be a recruiter, is rather stretching credibility to its limits.”

Keith Rosser, a director at Reed Screening, says it shouldn’t just be tech job candidates who have to take action.

‘Online recruitment platforms need to do more’

Told of the phishing, and how Richardson’s comments were hijacked by a 'recruiter' using LinkedIn, claiming to represent Deloitte, Rosser told Free-Work: “Online recruitment platforms need to do more.”

Last night, he added: “They are captured by the UK's Online Safety Act, but very few [recruitment platforms] have made any progress.”

Rosser says an Online Recruitment Scheme to improve standards was launched last year with the UK government’s backing.

‘Make recruitment safe’

“Yet only a few pioneering platforms such as Madgex, e4s and Adzuna have joined,” Rosser says. “Industry must do more to make recruitment safe.”

The second recruitment-related menace hitting techies this week -- CV spamming -- was disclosed by Nadine Drelaud, formerly of Google.

“I’ve been repeatedly contacted by staff from the same recruitment company -- Intellect Group,” Drelaud began.

“They repeatedly send me unsolicited prospective CVs despite my requesting not to be sent prospective CVs.

“This isn't quality recruitment. It’s the sort of high volume, 'spray and pray' spamming that irritates people and makes them never want to work with you”.

‘AI-tech built to make everyone’s life worse’

An AI product CEO, Drelaud further claimed that she’d contacted the recruitment agency directly, only to somehow receive further CVs.

Online, her claims were met with sympathy from a tech recruiter who alleged that the same agency bombards him with CVs.

“A couple of the emails seemed to come from people [at Intellect Group] that don’t [appear to] exist,” stated the recruiter, Liam Doyle, of Native Digital Talent.

“I think it is all automated or AI tech, built to make everyone's life worse!”

‘Key Performance Indicator to send out spec CVs’

Mark Standen, an AI & Automation and data talent expert, took to LinkedIn with a possible explanation.

“[Intellect Group might] well have a KPI to send out spec CVs.

“In some cases, if they don’t send the volume of spec CVs then they miss their KPI which means they miss an element of their salary.”

‘Poor recruitment practices blight the sector’

Shown Drelaud’s claims, Reed’s Mr Rosser blasted: “Poor recruitment practices blight the recruitment sector.”

Of the specific approach of CV spamming which Intellect Group is accused of, the Reed director added:

“A recruitment-by-numbers approach simply does not cut it in modern Britain. Recruitment always was, and still is, built on relationships.

“The mass mail-out approach is bad for hirers. And often it’s also bad for candidates, whose details are shared far and wide, often to irrelevant audiences.”

Online, some tech candidates are asking if the agency’s alleged activity (sending numerous unsolicited CVs to individuals who’ve apparently asked not to receive them), might be unlawful -- not just ‘bad.’

‘Seemingly a GDPR breach’

An expert in contract law, Egos’ Mr Sinclair said there were two frameworks under which the alleged activities could be considered.

The first relevant framework is the UK’s General Data Protection Regulation (GDPR).

Mr Sinclair told Free-Work: “It seems to me that; firstly, if the CVs had been sent to Nadine Drelaud personally -- as opposed to sent to her job title -- after she had expressly requested that such CVs were not sent, then that would seem to be a breach of GDPR, in relation to her data.

“And second, if the individuals who were the subjects of the CVs were identifiable from the CVs or accompanying correspondence, than those individuals might themselves have grounds for complaint [under the General Data Protection Regulation].”

‘Sending an anonymised CV doesn’t quite breach the Conduct Regs’

A former solicitor, Mr Sinclair said the second relevant framework to consider in light of the agency’s alleged activities is the Conduct of Employment Agencies and Employment Businesses Regulations 2003.

He reflected: “Under the Conduct Regs, Regulation 19(3) provides that ‘Neither an agency nor an employment business may introduce or supply a work-seeker to a hirer unless it has obtained confirmation that the work-seeker is willing to work in the position which the hirer seeks to fill.’

“Well, I suspect that sending an anonymised CV doesn’t quite cross the boundary of ‘introduce.’

“So it may be hard to show a clear breach of the Conduct Regulations.”

‘Professionalism and respect’

In a statement to Free-Work, Intellect Group said: “We’re a growing company and, like many young businesses, we’re continually evolving our processes to ensure they reflect the highest standards of professionalism and respect.

“LinkedIn is a professional networking platform, and we use it exclusively to approach individuals or businesses we believe may have a legitimate interest in the talent or opportunities we represent. We always aim to be targeted and relevant — not transactional.”

Intellect Group’s CEO Connor Walsh says the agency would “welcome a direct conversation with Nadine [Drelaud] to understand what went wrong here,” and to “ensure her experience is not repeated with anyone else.”

‘We’re reviewing the Nadine Drelaud situation closely’

Mr Walsh added yesterday in his statement: “We’re the first to acknowledge that on rare occasions we may get it wrong.

“If someone receives communication from us in error or more than once, we’re grateful to be informed and we act quickly to ensure it doesn’t happen again.

“We have strict internal policies around follow-ups and database opt-outs, and we’re reviewing this specific situation closely.”

‘Please remove me’

Drelaud could not immediately be reached for comment.

But a thread she tried to start with Mr Walsh, by linking to his name, states:

“Please remove me from whatever database I seem to have been dragged into against my will, and stop your staff from spamming me.”

‘Hello…have a remote job’

The third recruitment ruse troubling job candidates isn’t confined to techies but hits them as part of it targeting all remote-friendly occupations.

“Hello, I'm from the Trbie HR team. We’ve noticed that your CV is gaining strong attention in the market, and we’d like to introduce you to an exciting online work opportunity. We offer flexible remote part-time [opportunities]”

Another ‘fake job’ text message claims: “Hello, sorry to bother you! I’m Emily from Indeed. We would like to offer you an online remote job. You can earn …[up to] £500 per day.”

‘Two hours work for £190 guaranteed…is nonsense’

Currently flying LinkedIn’s ‘Open To Work’ banner, senior BA Ms Richardson told Free-Work she has received a few fake remote job messages.

Pinging her on WhatsApp, one unsolicited message even invited her to “work [for just] two hours and receive £190… guaranteed”.

‘Great way as an IT contractor to alienate your previous line manager’

“These nonsense messages just get blocked.

“Any job offer that comes into your phone, messaging apps, or inbox that is ‘too good to be true’ really is just that.

“Even more annoying,” added Richardson, before cueing up a fourth irksome recruitment ruse, “is the phone call from a 'genuine' recruiter, who insists on references before putting you forward.

“That’s just a scam to phish for contacts, which is a great way as an IT contractor to alienate your previous line managers!’

‘Recruitment scams on the rise again’

At Reed, Mr Rosser said it’s clear that recruitment scams are “on the rise again.”

But he urged Free-Work users and other tech job board users not to suffer in silence.

“Poor practice can be reported to a trade body if the poor practice is covered by a code of conduct,” he says. “And all work-seekers can report fake job scams for free at www.jobsaware.co.uk.”

Written by

Simon Moore

Simon Moore is one of the UK’s most consistently published freelance journalists on freelancing, self-employment and contractor issues, such as IR35, the Loan Charge and late payment. Trained in News & Features writing by NCTJ-approved journalism tutors, Simon worked in the newsrooms of local, consumer and national press titles, before setting up his own editorial services company, Moore News Ltd. The company’s clients include a FTSE-listed recruiter, a division of one of the ‘Big 4’ accountancy firms and the UK’s largest small business forum. Simon’s articles have been linked to by The Daily Telegraph and the biggest newspaper website in the world, MailOnline. Simon was recently appointed as a judge at IPSE’s Freelancer Awards.

Continue reading around the topics :

Comment

In the same category

Connecting Tech-Talent

Free-Work, THE platform for all IT professionals.

Free-workers
Resources
About
Recruiters area
2025 © Free-Work / AGSI SAS
Follow us