A New Spam To Worry About – Job Inquiries Scam

Although fake job scams have been around a long time, advances in technology make it easier and more lucrative for scammers to pose as potential employers.  Cyber criminals fabricate job opportunities that seem real by spoofing the websites of legitimate companies and the emails of real people.  Thousands of people report being a victim to employment scams each year and the damages can be significant.


We Want To Keep Our Users Safe

As our regular blog readers know, when we’re not publishing posts about email marketing, or improvements to various email clients, we’re usually writing about email security issues – because we care a lot about keeping our users safe. A couple months ago we wrote about an email scam sweeping the UK, and before that, we wrote about the industries most at-risk to an email scam… this time we’re writing about one called NitlovePOS.

Scammers Are Sending Emails That Are MeantTtoLlook Like Job Inquiries

Recently, scammers have begun using spam to infect PoS (point-of-sale) computers. In other words, we encourage you not to check your email or browse the web from a PoS computer at work – because scammers are sending emails that are meant to look like job inquiries, with resume attachments that are actually macro. And, if the Macro is given permission to run, then it downloads malware from a server. The Malware was discovered by researchers at the security firm FireEye, and they say it can steal payment data. FireEye dubbed this malware threat as NitlovePOS, and it’s very similar to the kind that affected Target in late 2013, releasing tons of customer data to the public based on their PoS purchases.

Cybercriminals tend to attack PoS systems by guessing or stealing credentials that allow access to the system. That said, it’s not the most likely case for attacks to occur through spam as we described above with NitlovePOS.


Often, scammers make their proposed job positions look legitimate, making job seekers more likely to fall for their trap. Below are some red flags that are commonly found in fraudulent job offers.


  • The email address is not affiliated with a company (ex. Gmail, yahoo). Scammers may pretend to be from a recognizable organization. Some may even use a St. John’s email address making the job offer appear legitimate.
  • The job offer is “too good to be true.” The employer personally reaches out to you. The job position is high-paying but requires little work. The employer contacts you immediately after applying. The interview is quick, and the employer hires you right away.
  • The email is written unprofessionally. The email/text contains several grammatical errors, misspelled words, or uses all-caps. The subject of the email is vague or irrelevant.
  • Information on the company is difficult to find. An online search of the company shows little to no details about the company or the job position being offered.
  • The job description/company is not specific. The job requirements are too simple (ex. Must be 18 years old. Must be a citizen) and do not ask for details about your education or past experiences. A real employer would list specific requirements. There is no company address or phone number provided.
  • The job requires you to handle money place orders, or deposit checks. The employer promises you a job if you pay upfront. The employer asks you to deposit a check, keep some of the money, and send the rest to someone else. The check is most likely fake and will get bounced by the bank. Scammers may also get you to launder money (transferring money from one account to another), which is against the law.
  • The employer asks for confidential information. The employer may ask for your Social Security, bank account, date of birth, and other personal information over the phone, email, or text. Before sending any information to employers, make sure the website is secure having a URL beginning with “HTTPS://” and not “HTTP://”.
  • The employer only communicates via email or text. The employer may ask to interview you using an instant messaging service and ask for confidential information in the process.