Employer Vetting: Identifying Fraud and Educating Students

by Dia Buchanan, Belmont University

Meet Kerry – a 20-year-old college sophomore nursing major at a local institution. Kerry is a first-generation college student, eager to move into off-campus housing at the start of her junior year. In order to do that, Keri must find a part-time job to begin saving money. Kerry qualified for federal work study, however all the on-campus jobs are filled. A friend suggests that Kerry search the online job board of University Career Services for a position. She finds an opportunity that seems ‘too good to be true’, and that it is!

At the request of the employer, Kerry provides confidential personal information which results in a large withdrawal and loss of funds from her bank account. Devastated by this outcome, Kerry contacts University Career Services to investigate this listing and educate herself on fraudulent postings.

Fraudulent postings are a significant problem at universities of all types, sizes, and locations. While we would like to believe that all contacts made with our career centers are legitimate and trustworthy, this simply is not the case.

Due to the increasing number of fraudulent positions, phishing scams, and questionable employment opportunities; it’s extremely important to properly review positions that are sent to us.

Preventing Fraudulent Activity

  • Create detailed Job Posting/Recruiting Policy that verifies required information and types of opportunities not posted.
  • Have multiple staff within office check the posting. (i.e. Student Assistant and FT Staff)
  • Make employer vetting the priority
  • Require Complete Company Information
    • Valid website, commercial address, email with domain name, working phone number
    • Look for the geolocation to match, verify commercial address, validate website
    • Check company website to locate email domain
    • Search for companies on CareerShift
  • Require Complete Contact Information
    • First and Last Name- No generic name ( i.e. Recruitment Team)
      • Use LinkedIn to verify Contact
      • No Personal Email addresses (Gmail, yahoo, outlook)
  • Require Complete Job Profiles
    • Consider making required fields in the job description
  • Investigate Spam Reports

Educating Students on Fraudulent Postings

  • Be concise with wording to students
  • Ask students to sign agreement or ‘terms of use’ before using career services management system
  • Provide access to “Common SCAM Content” and “Protecting yourself from Fraud” documents via website
  • Put notification on website and in policies and procedures
  • Host Employer Panel or Workshop that discusses appropriate ways to job search
  • Have Coaches/Counselors mention tips in one on one appointments
  • Communicate policy and educate faculty via newsletter
  • Work with international students to educate this population/incorporate into OPT/OPT workshop
  • Partner with Faculty and include content in presentations in the classes
  • Create Marketing campaign around Preventing Fraud
    • Include a “Tip of the Day” on Social Media
    • Display poster outside of Career Services office
    • Post article in school newspaper on fraud jobs
    • Create Podcast on dangers of fraud jobs

Follow-up and Follow Through

If a Fraud Position is approved and posted…follow these suggestions

  • Communicate via phone or in person with the informant
  • Close the Job. Remove listing from website or system
  • Maintain database of known scams; do a regular check/swipe within Career Services system
  • Contact the legitimate company so they are able to inform their partners
    • Example- Biogen- Victim Employer of Fraud
  • Send note to career colleagues, consortium members, LinkedIn/NACE message boards and listservs
  • Notify the Following:
    • All students who viewed the job as well as the searchable student database
    • (Send an email to) career colleagues, consortium members, LinkedIn/NACE message boards and listservs
    • Campus police and/or legal if they would like to be involved
    • Job board software provider (e.g.,Handshake, GradLeaders, Symplicity, etc.)

 

Talk it over:

  • Does your institution have a standard posting policy?
  • What proactive (not reactive) steps is your team taking to prevent fraud activity?
  • Are you currently communicating best practices with students?
  • What suggestions can you take from this article and implement today?

__________

This article was adapted from a 2017 Employer Relations Summit session created and presented by Dia Buchanan. Recognition and kudos are given to Summit participants that provided suggestions, content and feedback. See what great resources, knowledge and professional development opportunities are gained at our annual Employer Relations Summit? Register today (hyperlink: http://www.soace.org/employer-relations-summit) for this year’s event.

Keeping Information Secure: Easy Steps for Non-Experts

Post by Addye Buckley-Burnell, Assistant Director of Career Development, Auburn University Career Center

may15_b.5Protecting our identity and private information is nothing new and we tell our students to be careful every day. With the influx of reports of system wide hacking/breaches in every industry costing in the millions to correct, universities and employers alike need to do more to keep our information secure. As a counselor, I follow ACA guidelines to protect client files, but these standards are often more complicated when it comes to working in a university career center. Also, the guidelines do not adapt as quickly as technology advances. Let’s face it; we all can do more to prevent private information from getting into the wrong hands while protecting our own behinds as well. Here are a few easy things that have been suggested by the Auburn University Office of Information Technology and additional security training. Now I am no tech guru, but even I can follow these simple steps.

Passwords:

Edward Snowden advised in a recent interview with John Oliver to be very careful with passwords. We all know how difficult it is to come up with passwords that meet the requirements of many of the systems…ahem, Symplicity, ahem…but some general rules will make it more difficult for someone/a program, to determine your password.

  • Use a pass phrase instead of a single word to make it easier to remember but difficult to guess – example: Auburnstudentsare100%awesome
  • Essential to be over 8 characters in length
  • Should contain at least one uppercase letter, one number and one symbol if possible and not just at the end

Email:

I am sure we all know not to send private information via email, but sometimes there is some grey area here. Anything pertaining to personal identifiable information that could be used in any malicious way should be sent in an encrypted document and attached to the email. You will want to send the password used for the encryption in a separate email to be extra careful.

This is easy to do using Microsoft Office products by using the File tab > Info> Protect Document > Encrypt with Password. CAUTION: you will be asked to enter a password twice which is not retrievable if forgotten so write it down!

may15_b.1

may15_b.2
Your university/company is likely backing up all email to the server on a routine basis, so it is best to erase any emails containing private or personal information after reading them.

Devices:

Lock your computers when you leave your desk to avoid any malicious attempts at accessing your files and student data. The shortcut to do this on a PC is Windows Key + L and on Mac is Control + Shift + Power.

Avoid saving private information to your computers and empty your recycling bin on your computer regularly as well since these items are also able to be accessed if hacked.

Love it or hate it, we all have constant access to information at the palm of our hand. This is a prime place for security breaches so be sure to use a password/finger print to protect all devices that have access to your work emails. When you stop using the device or if it is stolen, wipe the device to avoid this information getting in the wrong hands. This can be done without the phone for Outlook using the web-based site by:

may15_b.3may15_b.4

Also, avoid using public access WIFI when inputting any passwords or accessing sensitive information. All devices should also have an active antivirus software in place.

Sessions via distance:

We all know how popular it has become to offer services via distance and how tempting it is to use Skype for these services. Unfortunately, Skype saves records of all recordings and these records are readily handed over when requested by officials. To maintain confidentiality it has been recommended to use either FaceTime for Mac users or VSee to host these sessions as they do not save records of the sessions.

These are just a few of the many ways to protect student privacy and our own personal information. If you have any others tips, please share them in the comments section.


contributor_abuckleyburnell Addye Buckley-Burnell serves as the Assistant Director of Career Development for the Auburn University Career Center, leading a team of highly skilled and motivated career counselors and is charged with the formal assessment of the office. Addye is a Licensed Professional Counselor, Nationally Certified Counselor, and Distance Credentialed Counselor with experience in a variety of counseling areas including mental health, academic and career. In addition to her work with individual students, Addye teaches a variety of courses including a job search/career-life planning class both on-campus and via distance education.