Are these real employers?
But COULD these jobs be a scam?
Scammers have always been around and UMBC’s Career Center works hard to protect and support you. However, in this challenging economic climate, we are seeing scammers get more creative and deceptive. They will often use the names of real companies and present themselves as being affiliated with UMBC, when they are not.
HERE is one example of a fraudulent email coming from “Corestaff”. You will notice:
The email domain of the sender goes to a GMAIL account and not to a real company domain such as “corestaff”.
In this email, they are asking for you to email them back with your personal email address. Why?
There is no contact information in the sender’s signature, such as a company phone number, physical address and or website.
What is the job position and why is there no description? The language is very ambiguous throughout this email.
The email message contains poor grammar and typographical errors
From: Allison Bae <email@example.com>
Date: Mon, May 11, 2020, 10:24
Subject: UMBC COVID-19 INFORMATION
University of Maryland, Baltimore County health professionals have been closely monitoring the spread of COVID-19 over the past two months.Therefore the university is organizing an online part time job to sustain the students living.I'm happy to inform you that our reputable company CORESTAFF SERVICES Inc®,is currently running a student empowerment program. KINDLY EMAIL BACK WITH YOUR PERSONAL EMAIL ADDRESS IF INTERESTED IN THIS JOB POSITION.
How does a scammer get my UMBC email address in the first place?
Your email address is not private information. If someone knows your name, they can look up your UMBC email address in the campus directory, or if you have your email address attached to social media or other online accounts and those get hacked, or if someone you know has had their email hacked, etc. There are many different ways your email address can end up in the hands of a scammer.
The FROM address on an email can easily be spoofed/faked. Just because an email you receive looks like it came from an “@umbc.edu” address or someone you know, does not always mean it actually came from that person.
What should I do when I receive an email that is questionable? Here are some quick tips:
Never click on the links in a phishing message. Just by clicking on the link, you may download a malicious program onto your computer.
Look at the email domain of the sender (john@gmail vs. john@avalidcompany) Be CAUTIOUS if the domain does not match the domain of the company.
NEVER provide your credit card, bank account numbers, social security number or other financial documentation.
BE CAUTIOUS of an employer offering a check before work has commenced and NEVER deposit a check before work has commenced. This is almost always a scam.
NEVER engage with an employer that requires an initial investment, such as a payment by wire.
BE CAUTIOUS of an employer whose posting includes many spelling and grammatical errors.
BE CAUTIOUS of an employer who asks for anything out of the ordinary such as a picture of you or who is not operating by normal hiring procedures, such as hiring you without interviewing you.
Google the employer’s phone number, fax number and/or email address. If it does not appear connected to an actual business organization, this is a red flag. Better Business Bureau (http://www.bbb.org/us/consumers/), Hoovers (http://www.hoovers.com/) and AT&T’s Anywho (http://www.anywho.com/) can be used to verify organizations.
For more information from DoIT on phishing, click HERE
You will continue to receive scam emails periodically from all types of sources.
Please refer to Page 65 of the Career Guide - "Is this Posting for Real?".
HERE is a link to that page.
Do you feel that you have been scammed?
If you have already given your personal information, you should follow DoIT's recommendations. You may want to alert the campus police about your particular concerns.*In order to assist the DoIT Security Team's investigation, recipients of the email should send firstname.lastname@example.org a notification including the full header set of the message. These headers are not normally displayed but can be easily accessed. For more instruction on how to send the full header set of the message, please refer to: https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970
If you have already fallen victim to this scam and transferred funds to someone, please file a complaint with the FBI Internet Crime Complaint Center. They can be reached at the following web address: Internet Crime Complaint Center
If you have not wired money to the criminals, please stop communicating with them. You should still report the situation to the campus police and follow DoIT’s instructions. There is no need to report it to the FBI.
The Career Center is here to support you. If you encounter a position that you fear may be fraudulent, don’t hesitate to reach out to us email@example.com