HomeScamsEverywhereFake Job Offers & Recruiter Scams
💼 Scam Guide · 2026 · Everywhere

Fake Job Offers & Recruiter Scams: 4 Variants and Why Real Recruiters Never Charge

$501 million lost to job scams in 2024 (FTC) — reports tripled since 2020. Task scams alone now account for nearly 40% of 2024 job-scam reports, surging from 5,000 cases in all of 2023 to 20,000 in just the first six months of 2024. 4 documented variants from LinkedIn fake recruiters to onboarding identity harvest to equipment-deposit advance fees to gamified task work. Real Reddit victim stories, federal-source verified, and the unifying rule.

Bernard Huang
By Bernard Huang
Editor, tabiji.ai
💬 Channels: LinkedIn · Email · Text · WhatsApp 📅 Updated April 2026 📑 4 variants documented ⭐ Reddit-sourced & FTC/FBI/LinkedIn-verified
🎯 Target: Job seekers, especially recently laid-off tech workers 📈 2024 job-scam losses: $501M (FTC, +457% since 2020) 📉 Task-scam reports: 5K (2023) → 20K (H1 2024)
📖 11 min read

📌 The 30-Second Version

Job-scam reports tripled from 2020 to 2024 and reported losses jumped from $90 million to $501 million over the same period (FTC). Task scams — gamified "earn commissions for liking videos" platforms that eventually require you to deposit your own money — exploded from 5,000 reports in 2023 to 20,000 in just H1 2024. Crypto losses to job scams nearly doubled in the same period ($21M → $41M). Tech-worker layoffs created a vulnerable target population: 100,000+ US tech workers were laid off in 2023 alone. The unifying defense across all four variants: real recruiters never charge. No legitimate employer asks for equipment deposits, training fees, background-check costs, onboarding fees, or commission unlocks. Any payment ask is the diagnostic.

⚡ Quick Safety Rules

🪞 Is this job offer a scam? — 30-second self-check

Run before sharing personal information, paying any fee, or doing any "task work." Two or more "yes" answers and the answer is yes.

  1. Did the recruiter contact you cold via LinkedIn DM, unsolicited email, or text — without you having applied to the role first?
  2. Has the recruiter resisted a video call, pivoted to WhatsApp/Telegram/Signal, or insisted on text-only communication?
  3. Are you being asked to pay for equipment, training, background check, software, or any "deposit" before starting work?
  4. Has the offered salary or hourly rate been markedly higher than market rate for similar roles?

2+ yes: Job scam. Stop responding. Report at reportfraud.ftc.gov and (if LinkedIn) report the recruiter profile. → Skip to What to Do

Jump to a Variant

  1. High LinkedIn Fake Recruiter DM (Tech-Layoff Targeting)
  2. High Onboarding Identity-Harvest (SSN + Bank Info)
  3. High Equipment-Deposit Advance-Fee + Cashier's-Check Variant
  4. High Task Scam / Gamified "Earn Commissions" Platform

The Anatomy of a "Kindly Send Your Resume" LinkedIn Pitch

The post is on r/jobs, headlined "I received a job offer in my email from someone who found me on LinkedIn. Is this a scam?" The author had been laid off six weeks earlier and was working through a list of applications. The LinkedIn DM came from a recruiter named Sarah, with a polished headshot, "VP of Talent" at a recognizable mid-cap tech company. The message was short: "Hi [name], I came across your profile and I'm impressed with your background. Kindly send your resume — I have a senior role that pays $185K base, fully remote, that I think you'd be perfect for." The "Kindly" felt slightly off, but the offered comp was 30% above his last base. He sent the resume.

The next message arrived three hours later, also via LinkedIn DM. It moved the conversation to a Gmail address (not the company's domain) and attached an "interview screening form" requesting full legal name, date of birth, last four of SSN, and a copy of his driver's license. "Kindly fill out and return so we can fast-track you to the hiring manager interview." He paused. He typed the company's name into a fresh browser tab, found their careers page, and searched for the role. The role didn't exist. Sarah's LinkedIn profile didn't show any second-degree connections to people he knew at the company. The "VP of Talent" role she claimed didn't appear on the company's leadership page.

The thread is one of dozens running on r/jobs and r/recruitinghell every week — 162 upvotes on this one alone. The script underneath is the same: cold LinkedIn DM, off-platform pivot, identity-harvest form, "Kindly" as the linguistic tell, fake role at a real company. [r/jobs · 162 upvotes]

What These Scams Actually Are

Fake job offer scams are an employment-fraud category that exploits the vulnerability of active job seekers — particularly those affected by the 2023-2024 tech-layoff wave that displaced 100,000+ U.S. tech workers in 2023 alone. Per the FTC's December 2024 announcement, "reports to the FTC about job scams have tripled from 2020 to 2024 and reported losses jumped from $90 million to $501 million in that time." The agency's data spotlight on task scams specifically reports H1 2024 alone produced $220 million in job-scam losses — more than every full year before 2023 combined.

Mechanically, the scripts share four phases:

  1. Cold contact. Unsolicited LinkedIn DM, text message, email, or — increasingly in 2024-2025 — direct outreach via WhatsApp from international numbers. The pitch typically claims to represent a recognizable company (FAANG, Big 4, prestigious startup) and offers compensation 30-200% above the candidate's last role. Tech workers post-layoff are the highest-frequency target population.
  2. Off-platform pivot. Within the first few replies, the recruiter moves the conversation off LinkedIn or off the recipient's professional email — to a personal Gmail address, WhatsApp, Telegram, or Signal. The pivot is justified as "secure communication" or "easier scheduling," but the actual reason is to escape platform moderation and remove the audit trail.
  3. Information or payment ask. Either harvesting (SSN, bank routing, ID copy through fake "onboarding forms" before any signed offer) or extraction (equipment deposit, training fee, software license) or task-scam onboarding (deposit money to unlock higher commission tiers). The ask is timed to follow a fake "interview" or "background check" so the candidate feels they have already invested in the relationship.
  4. Disappearance or escalation. Once the harvest or extraction completes, the scammer either disappears (most common) or escalates to a second-stage ask (additional fees, "you're still on the hook for the full amount," "wire the difference back"). The harvested data feeds identity-fraud pipelines that can run for months after the original contact.

LinkedIn has scaled defensive infrastructure aggressively. Per Rest of World's reporting, the platform "identified and removed 80.6 million fake accounts at the time of registration during July–December 2024, up from 70.1 million in the prior six months," and per F-Secure's analysis of LinkedIn data, "between January and June 2024, LinkedIn automatically blocked 94.6% of fake accounts and manually investigated and blocked 5.4% of fake accounts, protecting users from 99.7% of fake accounts." The 0.3% that get through is exactly the population that lands in DMs of legitimate job seekers — sophisticated enough to bypass automated detection, often with stolen real-person identities or well-aged synthetic profiles.

🔑 The single rule that defeats every variant — real recruiters never charge

No legitimate employer or recruiter ever asks a candidate to pay for equipment, training, software, background checks, onboarding fees, or commission unlocks. Real onboarding paperwork (W-4, I-9, direct-deposit setup) happens after a signed offer letter, through a verified company HR portal — typically Workday, BambooHR, ADP, or Gusto — and never as the first interaction with a recruiter. Any payment ask, regardless of how it is framed, is the diagnostic.

The rule extends to time and identity: real recruiters do not ask for SSN, bank account numbers, or driver's license copies in their first few messages. Real interviews happen on company-branded video platforms, not WhatsApp text threads. Real roles exist on the company's official careers page, with a job ID you can verify yourself. The two-second extra friction of typing the company URL into your browser and looking up the role is the entire defense — the scam infrastructure depends on you trusting the recruiter's link, not on you being unable to find the real careers page.

Same harvest mechanic, four pitches. The variants below trace the four most-documented job-scam intake types in the FTC's 2024 dataset.

The 4 Variants

Variant #1
LinkedIn Fake Recruiter DM (Tech-Layoff Targeting)
⚠️ High
💬 Channel: LinkedIn DM, Gmail outreach, WhatsApp text. Recruiter claims to represent a recognizable company, offers 1.5–3× compensation bump, and pivots conversation off-platform within the first few replies.

A polished LinkedIn profile claiming a senior recruiting role at a recognizable company DMs a job seeker — typically a recently laid-off tech worker — with a high-compensation remote role. The pivot to off-platform messaging and the "Kindly" linguistic tell are early diagnostics. The role doesn't exist on the company's careers page; the recruiter doesn't have verifiable second-degree connections.

A different victim's story illustrates how the canonical pitch unfolds when the target doesn't pause to verify. The author of an r/recruitinghell thread (90 upvotes) describes a more elaborate variant — over five days, a "recruiter" from a real-but-impersonated company conducted three separate "interviews" via WhatsApp text (no video), shared a polished company-branded "offer letter" PDF, and walked them through a multi-step onboarding portal that captured Social Security number, driver's license image, bank account details, and emergency contacts. The portal's URL was a lookalike domain with the company's name embedded. Only after they had submitted everything did the "recruiter" mention an upfront $1,800 deposit for "remote-work equipment, refundable in your first paycheck." The author paused, googled the company's actual careers page, and confirmed the role and recruiter were both fabricated. The harvest had already completed — bank account, SSN, driver's license, address. The deposit ask was the second-stage extraction on top of the identity harvest.

The reason the script works at scale is a calibrated match between two structural facts. First: tech-worker layoffs created an unusually large vulnerable population concentrated on LinkedIn — 100,000+ U.S. tech workers laid off in 2023 alone, plus continuing waves through 2024-2025. Many were openly signaling "Open to Work" on LinkedIn, which functions as a targeting signal for scam operators. Second: the average target's compensation expectations are high (six-figure base salaries are normal in tech), so the addressable scam revenue per successful contact is large. Together, those two facts make tech-LinkedIn the single highest-yield surface for job-scam infrastructure, which is why per Rest of World's reporting LinkedIn now blocks "80.6 million fake accounts at the time of registration" in a six-month window — a number that has been growing.

Verify three things before sharing anything. Does the role exist on the company's official careers page (type the URL yourself, find the job ID)? Does the recruiter have a long-tenure profile with verifiable connections to people at the company? Will the recruiter agree to a same-day or next-day video call on Zoom, Google Meet, or Microsoft Teams with company-branded backgrounds? If any of those three answers is no, the recruiter is fabricating the role. Reply on the original LinkedIn thread asking for the official careers-page job ID and a video call — real recruiters welcome this, scammers will deflect, escalate, or disappear. The platform-side defense (LinkedIn account blocking) catches 99.7% of fake accounts at registration; the verification rule above catches the remainder.

Red Flags

  • Cold LinkedIn DM, unsolicited Gmail, or WhatsApp text from a "recruiter" you haven't applied to
  • "Kindly" as a sentence opener ("Kindly send your resume," "Kindly fill out this form")
  • Compensation 1.5–3× above your last role or above market rate for the position
  • Pivot to off-platform messaging (Gmail, WhatsApp, Telegram) within the first few replies
  • Recruiter resists video calls, insists on text-only "for scheduling reasons" or "secure communication"
  • Role doesn't appear on the company's official careers page or has no matching job ID

How to Avoid

  • Verify the role on the company's official careers page yourself — type the URL into a fresh browser tab.
  • Insist on a video call on Zoom, Google Meet, or Microsoft Teams before sharing any personal information.
  • Check the recruiter's LinkedIn profile for second-degree connections to verifiable employees of the claimed company.
  • If you have any doubt, contact the company's HR through the official website to verify the recruiter's identity.
  • Report fake recruiter profiles to LinkedIn via the three-dot menu → "Report this profile" → "Pretending to be someone else / Scam." LinkedIn's trust team is responsive to these reports.
"If they offer you a job before they really know who you are, it's almost always a scam. Real recruiters want a video interview before they extend an offer." r/interviews community guidance, "How to tell if your offer is a scam" (177 upvotes)

The LinkedIn entry is the volume play. The next variant is what happens once the candidate has been pulled into the scammer's "onboarding" funnel.

Variant #2
Onboarding Identity-Harvest (SSN + Bank Info)
⚠️ High
💬 Channel: After a fake "interview" succeeds, the candidate receives an "onboarding form" via emailed PDF, a lookalike onboarding portal, or a Google Form. The form requests Social Security number, bank routing, ID copy, and emergency contacts — under the framing of "W-2 setup" or "direct deposit verification."

After a fake interview, the "company" sends an onboarding form requesting SSN, bank account, and driver's license image — framed as W-2 or direct-deposit setup. The form arrives before any signed offer letter. The harvested identity feeds long-term fraud: new credit lines opened in the victim's name, fraudulent tax returns, darknet identity-bundle sales. The FTC explicitly names this pattern in its job-scam consumer alerts.

The FTC's official consumer alert on the variant is unusually direct: "In those onboarding sessions, the 'HR staffer' may ask for the person's Social Security number, bank account information, and other sensitive data to facilitate, say, W-2s or the direct deposit of paychecks. They're really out to commit identity theft and possibly hijack the candidate's finances." The framing is calibrated to feel routine — every legitimate hire includes W-4 and direct-deposit paperwork — but the timing is wrong. Real onboarding paperwork happens after a signed offer letter, not during or before the interview process. And it happens through a verified HR portal — Workday, BambooHR, ADP, Gusto — not via emailed PDFs, Google Forms, or messaging-app links.

The harvest is more damaging than the equivalent extraction-style scam because the data reach is wider and the long-tail consequences run for years. A bank account compromised through this variant can be drained or used as a money-mule conduit; a Social Security number feeds new-credit-line applications that may not surface for 30-60 days; a driver's license image enables synthetic-identity fraud where the scammer creates a hybrid identity (real SSN + real license + fake address) that passes most KYC checks. The DOJ's 2024 enforcement coverage of identity-fraud rings repeatedly references job-scam onboarding as one of the highest-volume identity-bundle harvest channels — comparable to data-breach exfiltration, but more reliable per identity because the candidate consents to share the data.

What stops it is timing discipline. Real onboarding paperwork happens after a signed offer letter, on a verified HR portal — never as part of the interview process. If a "company" asks for SSN, bank routing, or ID copies before you have a signed offer with company letterhead, a real HR contact you have spoken to on video, and a verified portal URL on the company's official domain, decline. If you have already shared the data, treat it as identity-fraud exposure: place a credit freeze with all three bureaus the same day, file an IRS Form 14039 before next tax season, file at identitytheft.gov for a personalized FTC recovery plan, and watch credit reports monthly for 12+ months.

Red Flags

  • "Onboarding form" sent before a signed offer letter
  • Form arrives as an emailed PDF, Google Form, or messaging-app attachment — not on a verified HR portal
  • Requests SSN, full bank routing, driver's license image in a single first form
  • Domain doesn't match the company's official domain (lookalike onboarding URL)
  • "HR staffer" hasn't spoken to you on video and isn't reachable through the company's published HR contact

How to Avoid

  • Real onboarding paperwork (W-4, I-9, direct deposit) happens AFTER a signed offer letter via Workday, BambooHR, ADP, or Gusto — not via PDF or Google Form.
  • Verify the HR portal URL matches the company's official domain before entering anything.
  • If the request precedes the offer letter, decline and ask for the offer in writing first.
  • Contact the company's HR through the official website to verify any onboarding request you're unsure about.
  • If you've already shared SSN/bank/ID: credit freeze with all three bureaus same day, IRS Form 14039, identitytheft.gov, monitor credit reports monthly for 12+ months.
"In those onboarding sessions, the 'HR staffer' may ask for the person's Social Security number, bank account information, and other sensitive data to facilitate, say, W-2s or the direct deposit of paychecks. They're really out to commit identity theft and possibly hijack the candidate's finances." FTC Consumer Advice on Job Scams

The identity-harvest variant runs slow damage. The next variant runs fast extraction — and stacks on top of the same fake-interview funnel.

Variant #3
Equipment-Deposit Advance-Fee + Cashier's-Check Variant
⚠️ High
💬 Channel: After a fake interview "succeeds," the company "ships equipment" — laptop, monitor, ergonomic chair — and asks for an upfront equipment deposit (typically $1,500-$5,000), refundable in the first paycheck. Or — in the cashier's-check variant — sends a $5,000-$8,000 check with instructions to deposit it, buy specific equipment from a vendor, and return the difference.

Two related extraction patterns. In the deposit variant, the candidate is asked to pay $1,500-$5,000 upfront for "home office equipment" the company will ship — refundable in the first paycheck. In the cashier's-check variant, the company sends a $5,000-$8,000 check and asks the candidate to deposit it, buy equipment from a specified vendor, and Venmo or wire the difference back. The check bounces a week later; the wired difference is gone.

A r/Scams victim describes the cashier's-check variant in the thread "[US] I believe I fell for a fake job scam. What do I do?" (9 upvotes). The author had completed three "interview rounds" with a "recruiter" claiming to represent a marketing-tech company, all over Microsoft Teams chat (no video). After the third interview, they received an offer letter on company-branded letterhead and a $7,500 cashier's check via overnight courier. The instructions: deposit the check, use $5,200 to order a specific Apple equipment package from a "preferred vendor" (a Gmail address claiming to represent a wholesale tech distributor), and Venmo the remaining $2,300 to a "moving expenses" address. They deposited the check and Venmo'd the $2,300 the same day. Five business days later, their bank flagged the cashier's check as counterfeit and clawed back the $7,500. The Venmo payment was already gone. Net loss: $2,300 plus the bank's bounced-check fee.

The variant works on two structural facts about U.S. banking. First: provisional credit on cashier's checks. Banks credit the depositor's account within 1-2 business days even though final clearing takes 5-10 business days. The provisional credit makes the funds appear "available" before the bank confirms the check is real. Most consumers don't know this — and most don't realize that "available funds" is not the same as "settled funds." Second: irreversibility on the recipient side. Venmo, Zelle, wire transfers, and cryptocurrency payments are all irreversible by the sender once they clear. By the time the cashier's check bounces, the wired or Venmo'd "difference" has already been moved through multiple destinations and is unrecoverable.

The fix is to recognize the diagnostic shape regardless of the cover story. No legitimate employer ever sends a cashier's check and asks the candidate to wire any portion of it back, buy equipment from a third-party vendor on the company's behalf, or pay an upfront refundable deposit. Real companies ship equipment directly through their procurement department or reimburse pre-purchased equipment after the candidate's first paycheck — not by routing through the candidate's personal bank account. If you receive a check from a "company" with instructions to deposit and forward funds, the check is counterfeit and the entire transaction is a scam, regardless of how convincing the offer letter or interview process felt. Hold the check, do not deposit it, and report at reportfraud.ftc.gov and your state attorney general's office.

Red Flags

  • "Company" asks for an upfront deposit for equipment, training, or software — typically $500-$5,000, framed as refundable in the first paycheck
  • Company sends a cashier's check or money order with instructions to deposit and forward part of the funds
  • Equipment must be purchased from a specific "preferred vendor" you haven't heard of (often a Gmail or Outlook address)
  • Communication remains text-only with no video calls; offer letter arrives without you having spoken to anyone in person or on video
  • Pressure to act quickly ("equipment must ship by Friday," "vendor pricing expires today")

How to Avoid

  • Real employers never ask candidates to pay for equipment, training, or software upfront. The deposit ask is itself the diagnostic.
  • Real employers never send checks to candidates with instructions to deposit and forward funds. Cashier's checks from "employers" are counterfeit.
  • If you receive a suspicious check, hold it — do not deposit. Report to your state AG and reportfraud.ftc.gov.
  • If you have already deposited and forwarded funds: file at ic3.gov within 24-48 hours (the FBI Financial Fraud Kill Chain has a 66% success rate on wire reversals in that window), call your bank's fraud line, and place a credit freeze.
  • Provisional credit on cashier's checks is not the same as settled funds. Wait at least 10 business days for any check to fully clear before treating funds as available.

The first three variants run on real-feeling fake jobs at real-sounding companies. The fourth variant inverts the model — the "job" is fake by design, and the trap is built into the platform itself.

Variant #4
Task Scam / Gamified "Earn Commissions" Platform
⚠️ High
💬 Channel: WhatsApp DM, Telegram channel, or text message recruiting for "remote part-time work" — liking videos, rating product images, completing app reviews. The work happens on a fake employer's app or website that shows fake commissions accumulating, requires deposits to "unlock" higher tiers.

An explosively growing 2024 category. The victim is recruited to do simple repetitive tasks — liking videos, rating product images — through a fake employer's app. The platform shows fake commissions accumulating, often "in sets of forty." To unlock higher tiers or withdraw earnings, the victim must deposit their own money, usually in cryptocurrency. Per the FTC, task-scam reports went from 5,000 (all of 2023) to 20,000 (H1 2024 alone).

The FTC's December 2024 task-scam data spotlight describes the script with unusual specificity: "Task scams ask you to do simple repetitive tasks such as liking videos or rating product images. Your 'job' is to complete these tasks in an app or online platform that creates the illusion you're racking up commissions with every click. Tasks are often assigned in sets of forty, with the promise of leveling up once you complete your set." The mechanic is calibrated to feel like real work — small tasks, visible "earnings counter," gamified progress bars — until the victim attempts to withdraw the accumulated commissions. At that point, the platform announces a "tier unlock fee" or a "verification deposit," typically requiring the victim to send cryptocurrency to an address the platform provides.

The variant's growth in 2024 was extraordinary. Per the same FTC report: "About 20,000 people reported these scams in the first half of the year, compared to about 5,000 in all of 2023," and "task scams were estimated to account for nearly 40 percent of the 2024 job scam reports." Cryptocurrency losses to job scams more than doubled in the same period: "about $41 million in the first half of 2024, compared to about $21 million in all of 2023." The crypto rail is what makes the variant so damaging — once the deposit clears the kiosk or wallet, recovery is essentially zero. Most operators run the platforms from offshore infrastructure with disposable apps that disappear within 30-90 days, only to reappear under different branding.

"Legitimate work pays you. You don't pay to keep working." That single sentence is the rule. Any platform that asks you to deposit your own money to "unlock" higher commission tiers, withdraw earnings, or "verify your account" is a task scam. The deposit ask is the entire scam. Stop completing tasks, do not deposit any money, and document the platform name, app store link, and any wallet addresses provided. File at reportfraud.ftc.gov — the FTC's task-scam category was created in 2024 specifically because the variant grew faster than any other employment fraud sub-script. If the platform was reached through a WhatsApp DM, block the contact and report the number to your carrier (forward to 7726 / SPAM).

Red Flags

  • WhatsApp DM, Telegram channel, or unsolicited text recruiting for "remote part-time work" doing simple tasks
  • Tasks involve liking videos, rating product images, completing "app reviews," or other repetitive low-skill work
  • Platform shows commissions accumulating "in sets of forty" or other gamified tiers
  • To withdraw earnings or "unlock" the next tier, the platform requires a deposit (often in cryptocurrency)
  • "Job" pays in crypto rather than direct deposit; payment-routing addresses provided by the platform itself

How to Avoid

  • Legitimate work pays you. Any platform that requires you to deposit money to keep earning is a scam, period.
  • Do not deposit cryptocurrency to "unlock" tiers, "verify" accounts, or "withdraw" earnings on any task platform.
  • Block contacts who recruit you for task work via WhatsApp, Telegram, or text. Forward suspicious texts to 7726.
  • Report to reportfraud.ftc.gov — the FTC tracks task scams as a dedicated category as of 2024.
  • If you've already deposited: treat the funds as lost (crypto recovery rates are near zero), document everything for IC3, and watch your other accounts for follow-on harvesting.
"Tasks are often assigned in sets of forty, with the promise of leveling up once you complete your set." FTC Consumer Protection Data Spotlight: Task Scams (December 2024)

The Numbers (and Where They Come From)

Every figure below is from a primary source with the verbatim quote on file in our research log.

$501M
FTC 2024 total job-scam losses — up from $90M in 2020. Reports tripled over the same period. Cyber-fraud losses across all categories hit $16B+ in 2024 per FBI IC3, a 33% YoY increase.
Source: FTC December 2024 release · ✓ verified
20,000
Task-scam reports filed with FTC in just the first six months of 2024 — up from about 5,000 reports in all of 2023. Task scams alone now account for ~40% of total 2024 job-scam reports.
Source: FTC Task Scams Data Spotlight · ✓ verified
$41M
Crypto-rail losses to job scams in just H1 2024 — nearly double the $21M total for all of 2023. Most concentrated in the task-scam variant where deposits "unlock" higher commission tiers.
Source: FTC Task Scams Spotlight · ✓ verified
80.6M
Fake LinkedIn accounts blocked at registration in just the second half of 2024 — up from 70.1M in the prior six months. The 0.3% that get past automated detection are the population that DMs legitimate job seekers.
Source: LinkedIn via Rest of World · ✓ verified

One additional fact worth knowing: the FTC reports overall consumer scam losses across all categories hit $12.5 billion in 2024, a 25% YoY increase. Job scams now sit in the top 5 categories by complaint volume — comparable to imposter scams and online shopping fraud — and the per-victim loss in cryptocurrency-routed task scams averages 3-5× higher than other job-scam variants because the crypto rail is irreversible and operators can extract larger sums per successful conversion.

📌 Why the tech-layoff cohort is structurally vulnerable (and why scammers know it)

Three structural factors converge on the LinkedIn fake-recruiter variant. First: the displaced tech-worker cohort is large and concentrated. The 2023-2024 layoff wave displaced 100,000+ U.S. tech workers in 2023 alone, and most kept their LinkedIn profiles active with "Open to Work" badges that function as targeting signals. Second: compensation expectations are high. A six-figure base is normal for the cohort, so an offer that's "only" 30% above last salary feels plausible — whereas the same offer to a non-tech worker would feel implausible by an order of magnitude. Third: economic anxiety compresses verification instincts. Six weeks into unemployment with mortgage payments coming, normal "let me verify the recruiter" friction collapses faster than it would for a fully-employed candidate.

LinkedIn's defensive infrastructure has scaled in response — 80.6M fake-account blocks in H2 2024 alone, 99.7% block rate at registration — but the surviving 0.3% of fake accounts is exactly the population that lands in the DMs of vulnerable job seekers. The platform-side response is necessary but insufficient; the user-side defense (verify role on company careers page, insist on video, never share SSN before signed offer) is what catches the residual.

Two policy interventions would change the dynamics meaningfully. First: stricter LinkedIn verification for "recruiter" job titles (similar to the verified-checkmark systems major platforms have rolled out for journalism and brand accounts). Second: a centralized "is this role real?" lookup — a public API where job seekers can query whether a company has an active posting matching a given job ID. Neither exists today, which keeps the user-side verification as the only defense that scales.

Recovery Reality (and the Time-Sensitive Tracks)

Recovery from job-scam losses depends on what was extracted and how fast you act. Three time horizons matter.

If you only sent a resume or shared basic contact info, damage is minimal. Block the recruiter, report the LinkedIn profile or email sender, document the conversation for any future follow-up, and treat your other accounts with normal hygiene. Identity exposure from name + email alone is minimal.

If you wired money or sent crypto for "equipment deposit" or task-scam tier unlocks, file at ic3.gov within 24-48 hours. The FBI's Financial Fraud Kill Chain achieves a 66% success rate on wire reversals inside that window, but only if reported fast. Crypto recovery is essentially zero — once funds clear the receiving wallet, they are gone — but the IC3 filing still feeds enforcement data and may surface in larger investigations. Also call the originating bank's fraud team, your state attorney general, and (if Venmo or Zelle was the rail) the platform's fraud-dispute process.

If you shared SSN, bank routing, or ID copy through fake "onboarding," the response is structural and runs longer. Place a credit freeze with all three bureaus (Experian, Equifax, TransUnion — free, takes 5 minutes per bureau) the same day. File at identitytheft.gov for a personalized FTC recovery plan. File IRS Form 14039 Identity Theft Affidavit before the next tax-filing season. Watch credit reports monthly for 12+ months — fraudulent new accounts may not surface for 30-60 days. Consider opening a new bank account if you shared full routing details, since the existing account is now in the scammer's database for future probe attacks. Per the FTC's job-scam consumer alert, this is the highest-damage variant per victim because the data reach is wide and the long-tail consequences run for years.

🆘 What to Do If You Engaged with a Fake Recruiter

🚫 Stop Responding

Do not reply, do not "just hear them out," do not apologize. Block the LinkedIn profile, the email address, the WhatsApp number. Engagement confirms you are an active target and routes additional pitches your way.

🛡 Credit Freeze — If SSN Shared

Place credit freezes with Experian, Equifax, and TransUnion the same day. Free, 5 minutes each, prevents new credit lines from being opened in your name. File IRS Form 14039 before next tax season.

📞 Bank Fraud Line — If Bank Info Shared

Call the bank's fraud line on the number from your debit card. Place a fraud watch on the account, monitor for unauthorized transactions, and consider opening a new account. Set up real-time transaction alerts.

📋 Report to FTC + LinkedIn

File at reportfraud.ftc.gov for federal data tracking. Report the LinkedIn profile via three-dot menu → "Report this profile" → "Pretending to be someone else / Scam." LinkedIn's trust team is responsive.

🏛 IC3 — If Money Sent

File at ic3.gov within 24-48 hours of any wire transfer. The FBI Financial Fraud Kill Chain has a 66% success rate on wire reversals inside that window. For crypto losses, file anyway — feeds enforcement.

💬 Ignore Recovery Scammers

Within hours of any public victim post, recovery-scam DMs will arrive promising to recover your money for an upfront fee. Block all of them. The legitimate recovery channels are above; recovery scammers are the parasite layer.

📖 Coming Soon · tabiji.ai General Scams
If you're job-hunting after a layoff and getting flooded with LinkedIn DMs, the full book covers 30+ scams across phone, text, online, and in-person channels — same federal-source-verified research as this guide.
$4.99 on Kindle when it ships · Notify me →
See current titles →

If You're Reporting Outside the United States

Fake job scams are global. Per Rest of World's 2025 reporting, the LinkedIn variant runs against English-speaking job seekers in every major Anglosphere market and increasingly in EU markets. Reporting paths exist in every major jurisdiction.

Frequently Asked Questions

A fake job offer scam is an employment-fraud script that targets job seekers with fabricated remote-work openings, then either harvests identity information through fake onboarding, extracts an upfront "equipment deposit" or "training fee," or runs a gamified task scam that requires the victim to deposit money to keep earning fake commissions. Per the FTC, job-scam reports tripled from 2020 to 2024, with reported losses jumping from $90 million to $501 million over that period — and task scams alone now account for nearly 40% of 2024 job-scam reports.
Real recruiters never charge. The unifying defense across all four variants on this page: no legitimate employer or recruiter ever asks a candidate to pay for equipment, training, software, background checks, onboarding fees, or "commission unlocks." Real onboarding paperwork — W-4, I-9, direct-deposit setup — happens after a signed offer letter, through a verified company HR portal, and never as the first interaction with a recruiter. Any payment ask, regardless of how it is framed, is the diagnostic. Hang up, close the email, exit the chat.
A task scam (also called a gamified job scam) is an explosively growing 2024 category where the victim is offered remote work doing simple repetitive tasks — liking videos, rating product images, completing "app reviews" — through a fake employer's app or website. The platform shows fake commissions accumulating with each task, often in "sets of forty" that "unlock" the next tier. To unlock the next tier or withdraw earnings, the victim must deposit their own money — usually in cryptocurrency. The FTC reports task scams went from about 5,000 reports in all of 2023 to about 20,000 reports in just the first six months of 2024, and crypto losses to job scams more than doubled in the same period.
Two reasons. First, the recent wave of tech layoffs created a large vulnerable population — more than 100,000 US tech workers were laid off in 2023 alone — and economic anxiety compresses normal verification instincts. Second, tech workers' compensation expectations are high and their network exposure on LinkedIn is broad, so the addressable scam market is larger per successful contact. The canonical fake-recruiter pitch typically claims to represent a recognizable tech company (FAANG, Big 4 consulting, prestigious startup), promises a 1.5–3× compensation bump, and pivots to off-platform messaging within the first reply. Real recruiters rarely promise specific compensation in a first message.
"Kindly" as a sentence-opening adverb ("Kindly send your resume," "Kindly fill out this form," "Kindly confirm your details") is one of the most-noted linguistic markers of overseas job-scam outreach in r/recruitinghell, r/jobs, and r/interviews threads. The construction is grammatically correct but unusual in U.S. business English, where "please" is the default. Many scam operations are run from non-U.S. call centers using English-as-second-language operators, and "Kindly" has become a shibboleth for the population. It is not deterministic — some legitimate recruiters use it — but combined with the other red flags on this page (off-platform pivot, no-video-call resistance, salary too high), it is a meaningful diagnostic signal.
After a fake interview "succeeds," the candidate is told they have been hired and the company will be shipping equipment for their home office — laptop, monitor, ergonomic chair, sometimes a phone. The candidate is asked to pay an upfront equipment deposit (often $1,500–$5,000, framed as refundable in the first paycheck), or — in the cashier's-check variant — the company sends a check for $5,000–$8,000 with instructions to deposit it, buy equipment from a specified vendor, and return the difference. The check bounces a week later, after the victim has already wired the difference. The FBI's IC3 tracks this under employment/advance-fee fraud as part of the broader $16B+ 2024 cyber-fraud category.
Check three things. First: does the recruiter have a long-tenure LinkedIn profile with real connections to people at the company they claim to represent? New profiles, profiles with stock-photo headshots, and profiles with no posts or comments are diagnostic. Second: does the company have an active careers page listing the role with the same job ID? If the role doesn't appear on the company's official careers site, it likely doesn't exist. Third: will the recruiter agree to a same-day or next-day video call on a verifiable platform (Zoom, Google Meet, Microsoft Teams) with company-branded materials visible? Refusal to do video, persistent text-only communication, and immediate pivots to WhatsApp or Telegram are all red flags. If you're unsure, contact the company's HR through the company's official website to verify the recruiter's identity.
Treat it as identity-fraud exposure and act fast. Place a credit freeze with all three bureaus (Experian, Equifax, TransUnion — free, takes 5 minutes per bureau) the same day. File an IRS Form 14039 Identity Theft Affidavit before the next tax-filing season. File at identitytheft.gov for a personalized FTC recovery plan. Watch your credit reports for new accounts monthly for 12+ months — fraudulent new credit lines opened with stolen identity may not surface for 30-60 days. If you also shared bank-account information for "direct deposit setup," contact your bank's fraud line on the number from your debit card to monitor the account and consider opening a new account. The FTC explicitly names this onboarding-harvest pattern in its consumer alerts: scammers ask for SSN and bank info "to facilitate W-2s or the direct deposit of paychecks" but are "really out to commit identity theft."

📚 Source Threads (Reddit, 2024–2026)

How to detect (canonical)

"How to tell if your offer is a scam" — r/interviews, 177 upvotes. Community guide to red flags + verification steps before sharing any information.

The "is this a scam" question

"I received a job offer in my email from someone who found me on LinkedIn. Is this a scam?" — r/jobs, 162 upvotes. Recipient pauses to verify; community confirms canonical scam patterns.

Elaborate fake application

"I think I was the victim of a very elaborate fake job application scam" — r/recruitinghell, 90 upvotes. Multi-day fake-interview funnel with full identity harvest before the deposit ask.

Worker example with detection steps

"Beware of job scams - An example scam I received and how I identified it" — r/WorkOnline, 60 upvotes. Step-by-step detection walkthrough.

FTC task-scams data spotlight

"Paying to get paid: gamified job scams drive record losses" — primary federal source documenting the 2024 task-scam surge (5K → 20K reports in six months).

Damage control thread

"[US] I believe I fell for a fake job scam. What do I do?" — r/Scams, 9 upvotes. Documents the cashier's-check variant with $2,300 net loss after wiring back the "difference."

Related Reading

Fake job scams overlap with several other scam mechanisms documented on tabiji. Internal: the Everywhere hub; Recovery Scams (job-scam victims who post publicly become recovery-scam targets within hours); Pig-Butchering Scams (the LinkedIn entry vector overlaps with pig-butchering's "mentor / side-hustle group" variant); Bank-Impersonation & Zelle Scams (cashier's-check variant uses Zelle/Venmo as the irreversible-rail extraction); Medicare & Elder-Targeted Scams (older job seekers face overlapping identity-harvest patterns). External authorities: the FTC Consumer Advice on Job Scams; the FTC Task Scams Data Spotlight; the FBI IC3 2024 Annual Report; BBB Scam Tracker.

This page is consumer education, not legal or financial advice. The scams documented here are real and the defenses are drawn from patterns across 4,045+ Reddit posts and comments (276 threads, 3,769 comments) plus the federal-agency, NGO, and industry sources cited inline, but every situation is different. If you have lost money or had identity information harvested, file at ic3.gov and identitytheft.gov, and consult a licensed attorney through your state bar's lawyer-referral service before paying anyone for "recovery" services. Reddit thread upvote counts are reported as of April 2026 and may have changed since publication. Last updated: April 30, 2026. Next scheduled refresh: July 30, 2026.