Skip to content

Scammers impersonate Temu, TikTok to target job seekers

  • by
  • 4 min read

Illustration: Cinemato

Cyber scammers, traditionally known for ‘Pig Butchering,’ scams are now shifting focus toward job-related scams to exploit financially vulnerable individuals. For this purpose, scammers impersonated companies like Temu, TikTok, Outlier Ventures, Daptone Records, and the Hotel Association of Canada.

Pig Butchering scams, which have defrauded victims of billions, are typically long-winded investment frauds that deceive victims into investing vast sums in fictitious cryptocurrency platforms. However, these scams require time and careful orchestration to be profitable, as the scammers target individuals with significant savings.

The new ‘job scam‘ approach promises quicker returns for the fraudsters by preying on a wider demographic, including individuals who may be more financially desperate.

Researchers also revealed the financial impact of these scams. They discovered one impersonated website, Daptone Records, raked in over $300,000 in cryptocurrency in just two months. Other sites, impersonating organisations like the Hotel Association of Canada and retail giants like Temu and TikTok, attracted thousands of deposits totalling over $475,000 within short spans.

A sample of the job scam pitch. | Source: Proofpoint

Here’s a list of companies that scammers impersonated along with the job request:

  • Outlier ventures: Ask users to write fake reviews.
  • Temu: Ask users to write and review fake products.
  • TikTok: Ask users to write reviews for fake products and purchases.
  • Daptone Records: Ask users to fake streaming music reviews and play specific songs via Spotify.
  • Hotel Association of Canada: Ask users to write fake reviews and bookings.

The U.S. Federal Bureau of Investigation (FBI) initially flagged this newer method in June 2024 when the agency warned of a spike in fraudulent job scams that primarily originated from mobile apps and messaging platforms.

Researchers observed that these scams typically begin with unsolicited messages on platforms like WhatsApp, SMS, or social media, presenting enticing work-from-home job offers — often a popular option for job seekers today. After catching the attention of the target, the scammer, posing as a recruiter, claims the position involves simple tasks such as boosting Spotify streams, reviewing hotel services or evaluating TikTok products.

Once the target agrees, they are directed to a website—accessible only through a referral code—to complete registration. The website appears professional and demands that users interact with a ‘handler’ to receive training. The task is straightforward: complete a series of clicks or actions (for example, submitting reviews, placing orders) to “earn commissions.”

Scammers requesting a screenshot of the profile page. | Source: Proofpoint

As the target begins to engage with the platform, they encounter intentional “errors” that lead to negative account balances. Here, the “handler” steps in, often covering the deficit, only to inform the target that they must continue their work to unlock larger rewards and pay bonuses.

This approach taps into various psychological triggers, including the sunk cost fallacy, loss aversion, and the principle of reciprocity. According to psychologists, these factors are crucial in ensnaring victims. Victims feel compelled to continue investing time and money into the platform to recover the supposed earnings, thus becoming increasingly committed to the fraudulent job.

The scam also employs social proof to reinforce legitimacy. Researchers also discovered that some victims were added to group chats with fake success stories where confederates, pretending to be other “employees,” encouraged victims by sharing fabricated earnings or praising the system.

Cybersecurity experts caution users and organisations to exercise caution with unsolicited job offers, never pay to start a job, use critical thinking, and spread awareness regarding the issue.

A few months back, reports emerged that cyber crooks were deploying a SolarMarker backdoor via a fake Indeed site. Last year, the Federal Bureau of Investigation (FBI) alerted job seekers about fake foreign job offers that were crypto-scamming people.

In the News: Apple Intelligence rolls out today, coming to more devices soon

Kumar Hemant

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: kumarhemant@pm.me

>