A recent report by HackRed said that fraudsters are publishing fake job advertisements under the names of internationally renowned brands like KFC, Red Bull, and even Ferrari. These advertisements look like real job advertisements, but are actually phishing traps.
According to researchers, victims are first sent fake job offers via email. The emails use language that is often thought to be generated using large language models or AI.
Clicking on a link in the email takes the user to a fake security verification page, from where they are redirected to a website that looks exactly like a popular job search platform.
The user is then instructed to log in with their email or Facebook account. If they choose Facebook login, they see a 'loading progress bar' that never ends. It is during this time that the fraudsters collect their Facebook username and password.
Researchers say that this type of fraud can usually be identified by unfamiliar email addresses, unusual website URLs, or links that don't match the brand's official website.
A similar scam had previously targeted Microsoft 365 and Google Workspace users, where users' login information was stolen by displaying fake Google job ads.
Cyber security experts advise that it is important to verify the source of a job advertisement or email. Instead of clicking on an unknown link, go directly to the company's official website to verify whether the advertisement is genuine or not.
In addition, it is possible to keep Facebook or other accounts largely secure if two-factor authentication is enabled.
