PICTURE this: A job promising flexible hours, high pay, and the freedom to work from anywhere. No interviews, no tests – just a friendly text and a professional-looking website. It feels like the dream job you have been waiting for. You hesitate – it sounds too good. But everything looks real and feels personal. “I would never fall for a job scam,” you tell yourself.
The next thing you know, your money and the job opportunity are gone.
Not “if” but “when”
The challenge today is not just about being aware of scams. It’s about knowing how to spot the (sometimes) subtle signs – and taking the right steps to protect yourself before it is too late.
According to the Singapore Police Force, at least 3,066 people fell victim to job scams between Oct 1, 2023, and Jan 31, 2024, losing a total of more than S$45.7 million. In one case, a woman knowingly engaged in “a simple side hustle” – but played along as she was craving some excitement in her life. That decision cost her S$78,000, almost 90 per cent of her savings.
Even the most cautious among us can get caught off-guard. That is because scams today don’t just rely on clickbait – they exploit both human emotion and digital tools. Scammers are good at playing on your emotions. They pretend to share your interests, build a connection, and even give you rewards at the start to make things feel real.
So, the question is: Even when we think we know the signs, how can we tell what is truly legitimate and what is not?
BT in your inbox
Start and end each day with the latest news stories and analyses delivered straight to your inbox.
Checklist
For an average man in the street, these types of scams can be difficult to detect. The bad guys also have lots of ways to hide on the Internet. They register thousands of domain names to host the fake sites used to lure victims. These sites are accessed through the user’s browser through the Domain Name System (DNS), essentially the navigation system for the Internet, and all behind the scenes from the potential victim. Here are some things that can help.
Many browsers have optional safety features, including integration of protective DNS, which will stop the connection to malicious sites. Unfortunately, the browser adoption of these protections is still maturing, and many scams will get past them.
Bad guys often use domain names that look similar to something you find familiar, for example, www.g00gle.com. Click the padlock icon in the browser address bar to check if the digital certificate is missing or issued to a name that doesn’t match the company.
Another tell-tale sign is the flashing of multiple domain names between the initial link and where you end up.
Trust your instincts. If it seems too good to be true, it often is. Offers that seem rushed, overly generous, or require a payment upfront – that’s your cue to start doubting the legitimacy of the offer.
Scammers often reuse their messages and/or images. You could try pasting part of the message into your search engine. If it’s a known scam, others might have already reported it.
Risks for businesses
This isn’t just a risk for individuals. Businesses are also facing increasingly sophisticated attacks. Scammers are posing as new clients, vendors, or job candidates to infiltrate corporate networks and systems.
For example, they do so by creating lookalike domains that copy those of legitimate business partners. With these nearly identical domains, they start negotiations on deals or send fraudulent invoices, only for the interaction to unfold into an assault that can cost companies millions.
Even more concerning are supply chain attacks, where scammers compromise less secure vendors to get their foot in the door, then quietly move along the supply chain to reach their actual target, perhaps a more valuable company. These attacks are particularly difficult to detect because communications appear to come from trusted sources.
Again, monitoring DNS activity can help identify suspicious behaviour early, such as an unfamiliar domain suddenly communicating with internal systems. That’s why robust DNS security solutions are not a nice-to-have – they’re critical to protecting the company and its operations.
Don’t be afraid, stay vigilant
We’re living in a time in which scams are getting smarter, not just in how they look, but in how they make you feel. With tech innovations also on their side, scammers can be incredibly and dangerously convincing. But this isn’t about being afraid, it’s about staying sharp. A little caution and the right security tools can go a long way in keeping you and your information, safe.
The writer is vice-president of threat intel at Infoblox
