Ed Raldiris, an Atlanta-based creative director, was hunting for a job in early June when he got a promising lead for a gig at IPG-owned PR firm Weber Shandwick.
Radiris got an email claiming to be from the company — saying it was regarding a position listed on ZipRecruiter, a job site, for a work-from-home graphic designer position.
But alarm bells started to go off for Raldiris when the company asked to set up an interview via Google Hangouts — on chat. When he started the interview, he noticed the interviewer didn't have the best command of English. The grammar was off, and the questioner never once asked to see his portfolio.
In less than an hour, he had a job offer. "Due to your level of experience and your working skills, the company has decided to hire you as one of our staff," the interviewer wrote via chat. "You are now a staff of Weber shand wick. (sic) and we hope to see the best in you."
Now the alarm bells began shrieking. He asked to speak to someone from the agency via phone, but never received a call. When he spotted a LinkedIn post from Weber Shandwick that warned job seekers of the scam — saying scammers had fraudulently used the agency's name and names of some of its employees to solicit applications for fake jobs, conduct fake interviews and make fake offers — he fired off a response recounting his ordeal.
Though Raldiris has training in IT security, he said the search for the job weakened his usual defenses. "You kind of take off your security hat a little bit," he told Ad Age.
Raldiris, who is still hunting for a position, is one of at least dozens of job-seekers who have been targeted by a scam that seems tailor-made for the agency world. Multiple agencies say the scam first surfaced earlier this summer, stemming from fraudulent ZipRecruiter postings and emails (often from an address using an agency's name but a Gmail domain address) that use an agency's logo, real employee names and company mission statements, and language copy-pasted from websites.
How it works
According to several agencies who have been contacted by vicitms and some victims themselves, here's a loose outline of how it works. Scammers perform interviews with job hopefuls via Google Hangouts chat, then after asking questions, they send over a realistic-looking offer letter and tell victims they'll send a check so an individual can purchase equipment for their "home office." (Along the way, some scammers also ask victims for personal information including Social Security numbers.) Scammers then instruct the victim to deposit the check they were sent and use it to buy equipment from a particular vendor — which is likely linked to the scammer. The victim makes the purchase while the check is clearing. But it doesn't clear; instead it bounces.
A spokesman for the Federal Trade Commission said the organization has no way of assessing the scope of any particular scam and said information regarding investigations is not public.
Katherine Hutt, director of communications at the Council of Better Business Bureaus, said though there are only about five or six common scam tactics, scammers are constantly repackaging and refocusing them. She said work-from-home job schemes affect many sectors in the entertainment field, including talent agencies, influencer marketing and others.
"Scammers operate like businesses — they probably came up with a whole strategy for ad agencies and then they implemented it, just like a marketing campaign. It's a scam campaign," Hutt said. "They specialize, just like PR firms and ad agencies do."
The check scam is a form of "overpayment" scam, in which a scammer purports to send a victim money and directs them to spend some of that money in a certain manner.
"Almost never will somebody pay you too much money and ask you to send it back under legitimate circumstances — it's almost always a scam," Hutt says. "There's no reason for a company to do that."
She notes that the internet has made it easy for scammers to look up names of people who legitimately work at a company, as well as to use recruiter sites to pose as a particular company.
She said job seekers should exercise caution when in an "online hiring situation."
"If you can't meet with the person in-person for the interview and you can't meet with the HR person to fill out the paperwork in-person, it may not be a job worth accepting," Hutt said. "There is a lot of risk in sharing your personally identifying information with someone you have not met in person."
Hutt said victims can visit identitytheft.gov if they gave out personal information to scammers, and shared tips on avoiding scams here.
Not a real job
Dentsu Aegis Network-owned agency MKTG realized job seekers were being targeted by scammers about six weeks ago when a candidate called looking for someone since they'd missed their chat interview time. MKTG doesn't do Google Hangout interviews. The agency dug in to find out what was going on.
"Lo and behold, there was a job for a graphic designer that was on ZipRecruiter," said the agency's Exec VP Michelle Berg. She said the agency has spoken to at least a dozen people who have been affected.
"The English language that is used in the questions is not anything that would come out of MKTG — that part is rather embarrassing," she says.
She says the check amount varies in size — typically between $3,000 and $7,000, with a return address of MKTG's New York office, but with the name of an employee that doesn't work at the agency.
"We want to be completely empathetic with them — here they thought they were getting a job with our agency, and we'd love to be giving them a job, but it's not a real job," Berg said.
She said the scammers are smart by going after the industry, which has a large number of high-end consultants and freelancers. And she says instincts might be a little lessened when people are looking for a job.
"I think blinders tend to go on because they don't want to believe it," she said.
One California-based job seeker thought she was interviewing for a position at MKTG earlier in August and said the chat questions seemed typical for a graphic designer position. She sat through a two-hour interview, then after another hour, she received what she thought was an offer from the agency. But then she saw a post on MKTG's Twitter that said the agency doesn't use ZipRecruiter — so she drove to a MKTG office and learned that the whole thing was a scam. She ended up receiving a check for nearly $7,000 a couple days later to purchase a laptop, file cabinets and other equipment, but did not cash it.
'It started to completely unravel'
Ed Starr, managing partner of experiential agency BMF Media, said the agency realized in late June someone was using its name to reel in candidates for fake jobs at his agency. He said he started getting messages from candidates asking if he really needed their social security number.
"It started to completely unravel," he said.
The agency, which says it will always conduct in-person interviews onsite before making a hire, eventually did a LinkedIn post warning that its name and names of its employees had been "illegally used to obtain personal and financial information under the guise of recruitment for jobs that do not exist at our company."
In the post, BMF apologized to victims who had been affected and said a legitimate company would never request financial access or a Social Security number for a job application. It told job seekers that correspondence involving hiring or interviews would use a company email address.
As for Weber Shandwick, the company said that when it learned of the scam, it "immediately began to take appropriate actions to inform people who might be victims, including publishing an alert across our website and social media channels to warn job seekers (pinning the alert to the top of our feeds where we could). We also immediately coordinated with Zip Recruiter to remove the fake account."
Scott Garner, a spokesman for ZipRecruiter, said the company takes pride in bringing together job seekers and employers and that it is "also acutely aware that there are bad actors out there who, whether on job boards or on other platforms for internet commerce and communication, seek to use the cloak of anonymity provided by technology to take advantage of others."
The company said it has implemented and is continually improving its systems to address that issue, using detection software and "stringent client onboarding processes" to vet posters.
"Still, no system is perfect, no matter how sophisticated or well-intentioned. That is why we take steps to educate job seekers about how to spot suspicious activity and encourage reporting of all such activity to us so we can investigate and take prompt remedial action," he said.