Commentary: Don’t be fooled by fake job offers in a tight labour market

SINGAPORE: “Earn SGD200-500 a day, work from home, flexible with benefits.” These unsolicited job offers have been appearing in our inboxes with increasing frequency - contributing to the 3,573 cases reported and at least S$58.5 million lost to job scams between January and June this year. 

It may be tempting to imagine that job scams in particular should be easy to pick out. Perhaps, a cartoon-ish parody of a scammer offers an unsuspecting victim a “a get rich quick scheme” that is all too obvious.

But in reality, job scams are rarely that simplistic. Scammers are looking for opportunities to make their offers tangible and believable. They study the local economic environment and cater their hooks accordingly.

The most recent labour market report released by the Ministry of Manpower highlighted that Singapore’s overall unemployment rate was 2 per cent, compared with the pre-COVID average of 2.2 per cent. In addition, there were 108,200 job vacancies in September (significantly higher than pre-pandemic levels of 52,900) with the ratio of job vacancies to unemployed persons at 2.20.

It is precisely in such a tight labour market that employers are offering perks and renegotiating the norms of work-life balance through four-day work weeks and flexible work-from-home arrangements.

Scammers tailor their scams in alignment with these trends by using the language of modern hiring practices. So much so that real job offers are often confused for “too good to be true” scams as a recent job posting for Changi Airport has shown.

In addition, most of these job scams utilise a long con. These “jobs” could entail asking victims to review and like posts online or make advanced purchases on e-commerce platforms, with promises of compensation afterwards.

The scammer gains the trust of victims by initially following through with promised payments, but eventually stops paying the victims after receiving large sums of money from them. Seen holistically, it is easy to understand why scams are so insidious and why victims fall for them.

Job scams are only one such tool in the arsenal of a scammer and as the local socio-economic environment shifts, so will the lures of scammers. Should the job market take a turn for the worse, it is highly likely job scams of this tone will dry up.

Scammers are constantly looking for weak points in society’s fabric to abuse people’s trust in systems or structures - moving quickly to pose as officials from banks, e-commerce platforms or even government agencies. Using this veneer of legitimacy, scammers coerce victims to cough up some money.

Faced with mounting pressure and the perceived risk of not following through, victims succumb to these false narratives.

AN INTERNATIONAL PROBLEM

These aren’t just local problems. Globally the scam contagion has been spreading substantially with (an almost certainly underestimated) US$55 billion lost to scams globally in 2021.

Scammers operate in virtually all jurisdictions and carefully tailor their schemes to their target audience.

In the UK where a cost of living crisis has had some families wondering how they will pay for heating during the brutal winter months, scammers are targeting the at-risk with promises of energy subsidies.

Meanwhile in the US, individuals whose income had been adversely affected by the pandemic had their paltry savings syphoned off by scammers posing as government officials providing financial assistance.

These tactics are curated, emotionally manipulative and target the most vulnerable members of society. Their dynamism and adaptability make scams a stubborn crime to eradicate.

Fortunately, as wide-ranging as scams might be, there are also a diversity of ways to help stop it.

In 2019, the US Congress mandated that telecommunication companies in the US had to adopt the STIR/SHAKEN framework. STIR/SHAKEN enables telcos to verify the root source of incoming phone calls, for example, if a call is originating from an Internet dialler or a robocaller.

Based on this information, telcos inform their customers if a call is a possible fraudster by indicating “Scam Likely” as the caller ID in order to help a consumer discern potential malicious calls.

In the UK, since 2014, users need only forward an SMS to 7266 to report a potential scam. These SMSes are subsequently investigated and added to a blacklist used by telecom service providers to block messages before it can reach more people. 

However, if a scammer does manage to speak to a potential victim and manipulates them into attempting to transfer money there needs to be tools available to the banks to intervene swiftly.

China has implemented sweeping new laws that require banks to prioritise takedown orders from law enforcement, while Malaysia too has taken steps in this space. Malaysian banks will be required to move away from SMS OTPs into more secure forms of authentication.

In addition, banks across the border have imposed a cooling off period - preventing immediate transfers for first-time online banking customers. The latter largely targets stopping the elderly from setting up a bank account at the behest of a scammer either to serve as a mule or a victim.

CROWDING OUT SCAMMERS

These are all worthwhile ideas and Open Government Products together with our other government colleagues in the anti-scam space are studying how such solutions can be adapted in Singapore. However, no one solution can serve as a panacea for the scam scourge. A singular line of defence can always be circumvented by scammers with time.

STIR/SHAKEN in the US continues to hold promise. But protracted and uneven implementation across telecom providers gave scammers the opportunity to exploit loopholes. As a result consumers still report relatively high numbers of scam calls reaching them without being labelled as potential scams.

Scammers adapt to defensive measures by using different technologies, methodologies, and platforms. For example, while calls and SMSes used to be the primary avenue for a scammer to engage with potential victims, they are now moving to messaging apps like WhatsApp and Telegram or even e-commerce platforms.

Beyond building robust defences against scams, we need to be as adaptable as the scammers - crowding them out of one space and chasing them into another. This requires a variety of solutions across different domains as well as the support of non-government actors like banks, telcos, and increasingly, messaging apps.

Such diversity of approaches categorise the defence in depth we require to successfully curtail scams. No defence line is foolproof, but multiple such lines acting in concert while staying flexible to scam threats is far likelier to protect against scam attacks from succeeding.

In Singapore, ScamShield prevents scam attacks in two ways. First, it anonymously collates known scam numbers, messages, URLs and other identifiers across different databases and uses this information to block incoming calls or SMSes to a user’s phone - preventing scams from reaching thousands of victims.

Second, this collated list of scam identifiers can be used to help telcos, ecommerce services, banks and messaging apps block potential fraudulent actors on their platforms as well.

However, ScamShield cannot remain static. Inevitably some scams will be able to evade ScamShield as scammers try to circumvent detection.

This is where users come in - reporting scams through the ScamShield app helps to crowdsource gaps in defences, trains the app to be more discerning, serves an early warning system and closes the net on any ongoing scam campaigns. This goes a long way in protecting our broader community from scams.

This festive season, it is inevitable that scammers will take advantage of the occasion for their own ends. The scams we have been facing are fast becoming obsolete as scammers evolve their narratives and their methods to find new targets. All that means is we need to keep evolving too.

Hygin Prasad Fernandez is Assistant Director of Policy at Open Government Products, a division under the Government Technology Agency. He works within a Vertically Integrated Team building anti-scam solutions like ScamShield.