I guess one of the downsides of the rising popularity and profile of our HR startup is that it attracts the lowest online lifeforms to try and see if they can make illicit profit from it.
We have been getting the occasional trial user signing up and subscribing to our lowest plan, then posting fake job ads in the hopes of harvesting applicant email addresses, or even forcing them to pay certain fees to get ‘security approvals’ or other fake accreditation in the hopes of moving through the application pipeline.
Using our platform to swindle innocent people out of money (especially people desperate to try and land a job during difficult times) just makes me sick, and we try and do everything we can to try and stay on top of it all.
Recent Uptick
But this month, there seems to be an uptick in activity, and a more focused approach. We have had several new account signups, using different names and company names. In all cases, he/she uses the name of a larger corporation, but with the domain name fudged to appear that it has come from a legitimate company, e.g. using the domain ‘l0ckheedmartin.com’ to make it appear that they come from Lockheed Martin Corporation, but substituting the ‘o’ in ‘company’ with a ‘0’ (zero). Amateur hour stuff.
Each time we have detected this, we have immediately shut down the account, and refunded their money, and deleted all their data from our systems. We’ve also noticed them posting several job ads purporting to be from the actual company they are masquerading as, in different locations around the US. Because these job ads are automatically also posted out to platforms like Indeed, Talent and Monster, they are using our app to multiply their fake ads out to a wider audience.
Let me reiterate again that in the above cases, we have refunded their money even though it costs us $$ in fees and our reputation with Stripe, our payment gateway provider.
Current Episode
Yesterday there was a sign up from a ‘<redacted>@thehersheyc0mpany.com’ - once again the amateurish spoofing attempt, so I decided to proactively reach out to them (giving them all the benefit of the doubt despite all the obvious signs that things were fake).
Here is the email I sent them:
Within minutes, came the response, which I now realise was purely designed to stall us while they loaded up a bunch of fake job ads in the background.
Still, I was giving them the benefit of the doubt (not sure why) and persisted with a civil discourse.
As you can read above in my last message to them, I had been doing some digging around in Stripe, and I realised that at least SIX previous fraud attempts in our system were made using the SAME debit card (they all had the same Stripe card fingerprint!).
Check out the spoofed company names in the domains there - some obvious, some not so obvious (like the extra ‘s’ in ‘dominionenergy’). I mean, why would a company like Northrop Grumman, with thousands of employees be signing up for our 25 employee plan? Hmm?
But still, I persisted with the polite path, even though I checked their website, to find a plain WordPress holding page, and checked their domain on WHOIS to see that it had been registered the day before they subscribed (Hmm, red flags or what?!? LOL).
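The three signals described so far (a digit-for-letter or extra-letter lookalike domain, a card fingerprint already tied to earlier fraud, and a freshly registered domain) can be checked automatically at signup so the account is held before any job ads go out. The following is an added example, not code from this post or from the app it describes; the brand list, the 30-day threshold, the function names and the sample values are assumptions, and the WHOIS creation date is assumed to be looked up elsewhere and passed in.

```python
from datetime import date

# Assumed operator-maintained list of brand domains to protect (illustrative).
BRANDS = {"lockheedmartin.com", "thehersheycompany.com", "dominionenergy.com"}
# Digit-for-letter swaps folded back before comparing (the '0' for 'o' trick).
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def edit_distance(a, b):
    """Levenshtein distance: inserts, deletes and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[-1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_of(domain):
    """Return the brand domain being imitated, or None if exact or unrelated."""
    d = domain.lower().rstrip(".")
    if d in BRANDS:
        return None  # the genuine domain is not a lookalike
    folded = d.translate(CONFUSABLES)
    for brand in BRANDS:
        # Exact match after folding, or one stray letter (the extra 's' case).
        if folded == brand or edit_distance(folded, brand) <= 1:
            return brand
    return None


def screen_signup(email, card_fingerprint, domain_created, signup_day, flagged_cards):
    """Return the reasons a signup should be held for manual review."""
    reasons = []
    brand = lookalike_of(email.rsplit("@", 1)[-1])
    if brand:
        reasons.append(f"lookalike of {brand}")
    if card_fingerprint in flagged_cards:
        reasons.append("card fingerprint seen in earlier fraud")
    if domain_created and (signup_day - domain_created).days <= 30:
        reasons.append("domain registered within 30 days")
    return reasons


if __name__ == "__main__":
    # Constructed sample: fingerprint and dates are made up for illustration.
    print(screen_signup("hr@thehersheyc0mpany.com", "fp_constructed_1",
                        date(2024, 1, 1), date(2024, 1, 2), {"fp_constructed_1"}))
```

Any non-empty result is a reason to pause job posting and syndication until a human has verified the company, rather than a verdict on its own.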
Notice how I stated above (multiple times) that if they couldn’t furnish the evidence, I would not be refunding their $54 and I would be using it to cover the many hours of administrative time taken up to cross check and verify everything. I also asked them NOT to post any job listings in the interim.
But when I checked their app job board a few hours later:
There were 30+ identical job ads all over the US for an obviously fake job, purporting to be from the ‘Hershey Company’. Here was the text of each ad (all exactly the same):
So I went ahead and deleted all the company data immediately to prevent them accessing any applicant information that may have already been uploaded.
But then ‘the crazies’ started up the next morning! I had really whacked the hornet’s nest here…
Oh the irony of a scammer using my app to defraud other people of their money calling me a fraud! I had to laugh out loud at this pathetic little theatre.
I checked our Software Advice page, and the first time, I could see there was (1) next to the 3 star, 2 star and 1 star reviews, but they were greyed out because they were pending internal verification, and when I checked back a couple of hours later, they were gone, because Software Advice seems to be a reputable site that recognises fake ‘revenge reviews’ and discards them without our prompting. Maybe they recognised that we have always had 4 and 5 star reviews only, and that this current spate was a bit of an ‘outlier’ (Thank you Software Advice!).
So, as of the time of writing, we are at a sort of standoff situation. I have held off from refunding their money for now, but Stripe (who have also been great throughout this ordeal) have said that the only way we can prevent this card from being used again is to process a refund and mark the transaction as ‘fraudulent’ which will automatically block the card from being used again on their platform.
So perhaps I will just refund them and block the card just to stop another cheap attempt. It is only USD$54, which is less than 0.08% of our monthly revenue.
This has certainly been a fun ride.