Hey friends,

Because I'm a cybersecurity professional recently targeted by fraudsters, I feel a responsibility to share my experience. I hope that this spreads awareness because, in the grand scheme of things, personal security is all about awareness. It's about being vigilant to your digital surroundings. So, let me break down what happened.

The Setup: A Perfect Job Offer

I've been actively searching for work in the IT field for a couple of years now, with some luck along the way. I received an email from a company I had never heard of. I had not applied to any of their positions, nor had I ever interacted with them. That alone was suspicious.

If there's one thing you take away from this, let it be this: Do not engage with anyone you haven't initiated contact with. Unless you're expecting a call from the Lord God themself to take you to heaven, there’s no reason to follow up with someone who reached out to you unsolicited.

The Bait: An Offer Too Good to Be True

Scammers targeting job seekers know exactly how to dangle the carrot in front of you. This job offer checked every box for me—and then some. It was remote, entry-level, and paid significantly more than industry standards. At first, I was skeptical, but then I thought, Hey, this is what I'm actually worth. Other companies have been lowballing me this whole time. Finally, a company that sees my value!

Fortunately, I had a friend watching my back. They urged me to be cautious because of the high salary. I agreed and committed to doing my due diligence.

Investigating the Company

I looked up the company. I checked their domain. I compared the domain of the email I received. Everything looked legitimate—except for one crucial detail. Someone registered the email address used to send me the offer only a few weeks ago, while the company itself has existed since 1999. Another red flag. 🚩

After consulting with friends and a career counselor, I ultimately decided not to move forward because they were asking for a personal document—my driver’s license. While I’m not thrilled that my name and address are probably already floating around the dark web, I wasn’t about to hand over more sensitive information willingly.

The Confirmation: A Real Employee, A Fake Offer

The scammer signed the email with a real name—a legitimate person who had a LinkedIn profile. That was enough for me to confirm things directly. So, I called them. Left a message. And about an hour later, I got a call back.

Lucas Johnson, Vice President of Human Resources for Hellion Technologies, knew nothing of the job offer. He told me he was aware of a scam using his name and company, which is why he called me back. It’s getting crazy out there, folks.

I have a Security+ certification—one of the most recognized credentials in cybersecurity—and they almost got me. It doesn’t matter how skilled you are; they are coming for you. They don’t care about your situation. They will take everything they can, then sell your information so others can do the same.

Final Advice: Stay Smart, Stay Safe

1. Do not engage with unsolicited job offers. If you didn’t apply, assume it’s a scam.

2. Keep your job hunt hidden. While it may be enticing to have your resume available for employers, it can also open the door for fraudsters to come knocking.

3. Verify everything. Look up company domains, check email creation dates, and contact the person directly if you can.

4. Never send personal documents without absolute certainty. If a company really wants to hire you, they will provide ways to verify legitimacy.

5. Talk to someone you trust. If something seems off, run it by a friend, mentor, or career advisor.

   
   

Stay safe out there, and keep your guard up. Scammers are getting smarter, but so are we.