The sending of fraudulent messages with job proposals, allegedly associated with companies such as Meta or TikTok, has been worrying operators, who are working with the authorities and raising customers’ awareness of the dangers.
Associations like Deco continue to receive several contacts from victims, despite alerts and awareness campaigns, at a time when electronic fraud is increasing and becoming more difficult to detect.
“Electronic communications operators have been following this phenomenon, with natural concern, working permanently to preserve the integrity and security of their networks, as well as their customers’ communications”, stated the general secretary of the Association of Electronic Communications Operators Electronic Communications (Apritel), Pedro Mota Soares, in response to Lusa.
In the SMS, which are often sent using numbers starting with 92 and written in Brazilian Portuguese, the alleged authors identify themselves as members of the human resources team of companies like TikTok and invite recipients to apply for vacancies ‘online’ work, with ‘links’ being sent to supposed WhatsApp groups for this purpose.
“Hello, I’m from the human resources team at TikTok and I’m writing to you. We urgently need 100 employees to work ‘online’, with daily salaries of 50 to 800 euros. You can participate in your free time. If you are interested, you can join contact us via WhatsApp […]. If you send us a message now, you will receive a bonus of 5 euros”, reads one of these messages.
At issue is computer fraud, called ‘smishing’, which consists of using SMS to extract confidential information, such as bank details.
Contacts can also reach you directly via WhatsApp, through foreign numbers, with messages written in Portuguese or English.
In these cases, it is common for authors to claim to have received an application from the recipients of the messages for a certain position, then asking for personal data.
To monitor this problem, operators have teams operating 24 hours a day, “cooperating with the competent authorities taking into account the legal and regulatory framework in force”.
Pedro Mota Soares also assured that operators “take seriously” raising awareness of good practices against this type of messages, “which is why they do so actively on their own and in collaboration with all entities dedicated to promoting the safe use of communications electronics”.
As explained by Deco Proteste’s technology specialist António Alves, this type of fraud always starts with sending a message with an attractive job proposal.
“If the person takes the bait, what they do is send a ‘link’, which changes and takes to a manufactured page, a ‘dashboard’ [painel visual] that has a to-do list, with social media logos. The person can register and, from there, they are assigned tasks, which can include commenting on videos and following some people”, he detailed to Lusa.
As tasks are completed, a “hypothetical balance” appears, which can only be withdrawn, as a general rule, after two weeks of work.
At that point, the perpetrators of the fraud ask for a small amount to be transferred to a specific account to validate the IBAN or to pay a fee and, subsequently, it is suggested that the transactions be carried out in cryptocurrencies, preventing a trace from being left.
“They will start telling people that they have to transfer, for example, 100 cryptocurrencies and they will do this up to the limit that they can extract from the person”, warned António Alves.
When people discover or suspect they are involved in a fraud, they are blocked, the links are no longer operational and they lose contact with the perpetrators.
Next, new links and pages are created to try to catch other people in the scheme.
According to Deco, a consumer protection association, when people fall for this type of fraud it is “very difficult to recover the transferred amounts”.
However, the case must be reported to authorities, such as the Judiciary Police and the Public Prosecutor’s Office Cybercrime Office, as well as the electronic complaint system and banks, when applicable.
“In general, we are talking about situations that are complicated to resolve because even if you file a complaint, what you will realize is that it is difficult to identify the perpetrator of the fraud, who is behind that scheme. They use all kinds of ways to hide your identity. Now you should always do it. Not all cases are lost. The fact of making the report makes the fraud stop taking effect more quickly”, concluded António Alves.
According to data provided by Kaspersky, a global cybersecurity company, in 2023, 700 million ‘phising’ attacks (general term for electronic fraud) were recorded across the world.
In Portugal, as the company pointed out, bank and service customers are the main targets of these attacks.
In addition to job offers, it is common for these scams to use false promotions or messages from financial institutions.
Kaspersky recommends paying attention to the sender of the message, exaggerated promises, as well as unsolicited messages with links to enter personal data.
At the same time, users can access online tools that allow them to confirm whether the links they want to access are reliable.
Lusa contacted Meta, owner of WhatsApp and Facebook, and TikTok, but received no response.
Tags: Fraudulent messages job proposals worry operators threaten users Society
--
