I Almost Got Scammed by a Fake Job Offer - Here's What Happened
A personal account of a sophisticated recruitment scam, and what every job seeker needs to know to stay safe.
Read full reportDeep-dive technical reports, methodology notes, and field articles on recruitment scams, malicious repositories, and software supply chain threats — grounded in evidence, built for practitioners and researchers.
A scalable pipeline for characterizing recruitment-based fraud campaigns at the message level. Defines the indicator taxonomy and false-positive baselines RTIdx’s rule engine inherits.
A personal account of a sophisticated recruitment scam, and what every job seeker needs to know to stay safe.
Read full reportWe analyzed six independently reported repositories — all disguised as legitimate Web3 coding assignments — and found a single, highly mature malware framework targeting developer environments through npm lifecycle hooks. This is the technical breakdown.
The scam does not end with a fake job. The fake job is the delivery mechanism. In the "contagious interview" pattern, attackers use a hiring conversation to move a developer into a trusted workflow.
One person receives a suspicious recruiter message. Another gets a nearly identical pitch two weeks later. A third is sent a repository with the same hidden behavior under a different company name. A fourth sees a cloned profile using a new photo but the same script. Individually, each case may look ambiguous. Together, they can reveal a campaign.
Most discussions about fake recruiter scams focus on the candidate. That is understandable. The candidate is the person being manipulated, and in many cases the person whose machine, wallet, or credentials are compromised. But there is another victim in these campaigns: the impersonated company.
Coding tests are not going away, and they do not need to. But the way they are shared, verified, and executed needs to change. A technical assessment should measure skill without asking candidates to take unnecessary security risks on their own machines.
We publish guest field notes from practitioners and academic researchers. Reach out and we’ll work with you on framing and review.