I got something interesting in the e-mail today. Note that such phishing attempts are not uncommon for overeducated lumpenproles like me (I personally get at least three robocalls per day from various “employment services”, and that doesn’t even include “sales opportunities” which are at least real). This one is significant for its relative sophistication, and passing the Gmail spam filter.
Below, I will explore some implications of this incipient phenomenon. We here at da blergh like to stay ahead of the curve, and to refer to ourselves by invoking the royal “we”.
Subject: Hello $myName. Vacancy is opened. O-N-9426-37
Sender: Shavonna D. Littleton
Our Logistics company is in search of competent candidates for the position of Procurement Manager.
Our requirements for those who would like to be comcerned are not strict:
-Authorized to work in the USA;
-Must have an individual initiative and flexibility in a dynamic enviroment to accomplish his/her tasks meeting deadlines;
-Solid comminication skills (both verbal and written) and interpersonal skills.
-Base pay rate is about: USD 83,760+ yearly plus regular bonuses;
-Buy goods and services for our customers all round the world;
-Ensure safe and timely delivery of goods;
-Generate requisite documentation according to schedule.
-Your resume copy will be a great advantage.
Dear candidates, feel free to inform us and we will provide you an Application Form.
Thank you for considering our offer.
Now, if I weren’t such a sensible, salt-of-the-earth type (ha!) this might be somewhat believable. If I showed this to my parents, I’m 100% certain they would lend me money and demand I wire it to this Nigerian princess. Fortunately, they’ve been conspicuously making bad financial decisions for decades so I don’t even feel the temptation to show it to them.
Why do we know it’s fake? The first reason is that headhunters are lazy, people-stupid, and risk-averse. No “headhunter” is interested in filling entry-level jobs with underutilized talent, they are all looking to shuffle superstars with long resumes between competitors, and skim a small percentage of the worker’s increase in yearly income. The second reason is that 84K is an absurdly high number for an unskilled entry-level candidate, but I only know this from my incredible reserve of common sense (ha!). It’s plausible that a random barista with a master’s degree would believe that number and fill out an employment application with his or her SSN. The third reason is that no legit business seeks out talent proactively, preferring to hire whoever walks through the door with the right demographics and a warm smile. Now, I’m not saying this is smart on their part- 80% of good management is hiring- but it’s normal. Businesses are so used to having overwhelming “hand” that they are incapable of even imagining that taking the initiative would make them a lot more money and save work in the long run.
So what it comes down to is that this is a mass e-mail offering a high-paying management position, ergo spam.
(One thing to get out of the way is the small but non-negligible possibility that I’ve attracted a little extra NSA attention by helping to create the SJW list. It wouldn’t be unreasonable considering their budget, their ceaseless hunt for the great white defendant, and the fact that I’ve possibly made personal enemies of several Google, Facebook, and Twitter employees. Social justice warriors are the Silicon Valley version of regulatory capture. But let’s not get out of hand- even if I get randomly SWATed by an SJW, that’s probably going to work against the Narrative.)
If we disregard the possibility that I’m special, that means this prototypical e-mail indicates a new wave of sophisticated phishing attempts preying on the new college-educated underclass, and their hopes to somehow break into the shrinking middle class. Let’s look at what we can learn.
Whoever wrote this e-mail is extremely familiar with the hiring process and culture in America. The sender has a female name, slightly black (but not quite ghetto), and the subject heading includes a (fake) job number. So the sender is a very precise archetype of the HR worker. If the salary hadn’t popped out as absurd, it is not immediately obvious that it’s spam- at first glance it seems legit. This was not written by a Russian, a Nigerian, or even a European with excellent English. This was written by an American. If anything, it errs on the side of being too concise: I’ve never seen a real job posting that wasn’t filled with two dozen garbage bullet points, even for the most mundane job like the one I’m doing right now (“take groceries out of boxes and put them on shelves…that’s it”). The bullet points it does include are generic, but they would not be out of place on a legit job posting.
(I know, I know, smart Americans predating on fellow Americans for financial gain? Well I never. It’s like the farmers and small businesses who hire Mexican day laborers, you’d almost think they aren’t motivated by the altruistic desire to offer those poor people an opportunity to work hard and succeed.)
What this suggests is that these will become even more sophisticated and thus extremely dangerous in the very near future. Probably they’ll knock the salary number down to something more believable but still desirable like 40K (desirable if you’re a barista or grocery boy with an MS and student loan payments to match). Because it’s a mass e-mail, they have to use generic bullet points- but they might fill it out a bit or change things around to throw off human pattern recognition.
For the time being, here is a starter list for ways to distinguish this particular fraud from genuine employment offers:
1. The name of the business is not included in the e-mail.
2. It is not possible to find a corresponding job posting on a company’s web site or a job site like Monster.
3. There are no hyperlinks or contact information other than the return address from a generic e-mail service.
4. The e-mail is somehow too good to be true. Maybe it offers a high salary and high-status, white-collar work to generic unskilled candidates. (See the explanation above.)
5. Offers to send you an application form, which undoubtedly requests personal information (i.e. SSN) that can be used to easily commit identity theft. Unfortunately, 99% of legitimate job offers also require this pretty much right off the bat.
6. The offer is completely unsolicited. If you haven’t already expressed an interest through their website or network connections, it’s probably a financial trap.
Last thought: what does it say about our economy that such a high-effort, high-risk fraud seemed like a good bet to some enterprising and smart native spam artist?