Maybe I'm an exceptionally paranoid person (high probability) but I would never ever ever send payment or my payment info if I am looking for a job. I will input that into a HRM application like Workday or ADP, but no salary could convince me to give up that information directly before I've signed legal paperwork like a contract or tax documents.
What I'm far more concerned about with totally fake job listings are the foreign placement agencies that harvest data from resumes and interview native citizens to get information and terminology to prop up their foreign candidate's resume's over the native candidates.
The placement agency makes their candidates look far better based on the information mined from the resumes and interviews, they learn how to speak about technology they don't fully understand. The employee gets a placement, the Business gets a cheap H1B indentured worker, and the Agency gets a fatter commission for selling a "more qualified" candidate.
You’re not exceptionally paranoid. The only time I ever reveal bank information is after signing an employment agreement and it’s always on the direct deposit authorization provided by ADP/Gusto/w.e HR software they use, never to a company representative.
I’m seeing more and more applications ask for DEI information like sexual orientation and gender identification too - information that I consider almost as private. I can’t believe anyone fills them out sight unseen.
But as the sibling comment says, wisdom comes with age (mistakes)
Actually if you are of a certain age, you might have been in an era where providing extra information to HR was commonplace. I think for my first job I just filled out my bank account info on paper and did not interact with any payroll software at all.
But I don't remember being asked about DEI information, I am not sure they cared back then.
In the U.S., I think employers are required to ask specific questions about ethnicity, gender identity, veteran status, disabilities, and if you're authorized to work in the U.S.
Except for that last question, I think they're required to let your answer be "I prefer not to answer".
Those questions are usually at the end of the job application and when you've filled out enough of them, you can tell the difference between one platform's legal boilerplate and questions added manually by the employer.
All of the sexual orientation questions are clearly of the latter sort. Neither the federal government nor my state require asking anything about sexual orientation. (And yes I do answer "Prefer not to self identify" to the ethnicity question and all of the employer added ones)
hell, I once had my company send out an email that I was sure was a phishing email. I reported it and was told that, nope, they really did want me to re-upload all of my tax documents to this shady ass URL.
I just quietly never did it, no one seemed to notice. We'll see if it has an effect, but if that was actually real, whoever planned that out should be fired.
Back when I was younger, I was phone support for a phone company's DSL department. They sent out an email telling the customers that we'd never send emails asking for their passwords. Then, less than 3 weeks later, they sent out a mass email telling customers that we had security issues and that they needed them to send their passwords to us.
people should honestly be fired over things like that.
The entire email that was sent out had every red flag for a phishing attempt that you could possibly imagine. absolutely no information in the email that wasn't easily obtainable public information. They sent a username and password, the username was my first name, the password was "<parent-company-name>1", things like that.
yet they were all over a PO who tried to send out gift cards via amazon as a security flaw. and refused to release the emails when the PO reached out to them about it.
there's a reason I don't have much respect for "security" people.
Maybe somebody in HR goofed up and didn't keep required documentation. They didn't want to admit their mistake so they couldn't squawk about you not doing it.
I don't think that jut payment info on its own is harmful to send; that's just your name + bank account number, no? Maybe it's different in other parts of the world, but I don't really see how anyone can really do anything with that.
The "you're starting next week but first need to pay X monetary units to cover $bullshit_cost" on the other hand is an old scam.
Someone's name and bank account number are enough to write a bad check. The system was designed with a certain amount of trust in mind, and the expectation that the customers will behave in a way that makes scammers obvious.
We don’t even use checks where I live, so still seems like a geographical thing. I can print out my bank account number and put it on a billboard and all anyone can do is deposit money.
Are you sure about that? In Europe Iban is half the info (the other is your identity) needed to create a SDD on an online shop. Granted, you have a year to contest charges and get the money back, but still.
Pretty sure. Every company I interact with puts their IBAN on their invoices, as do I. I have IBANs for several friends and they have mine. I know the names of all these people. HSBC at https://www.business.hsbc.uk/en-gb/solutions/iban-and-bic says you're supposed to give it away to anyone who you want to make a payment to you - presumably they wouldn't do that if it was also the golden ticket to take money out of your account knowing only their name. Or at least they'd be very careful to say that you absolutely should make sure that anyone who pays you doesn't know your name (although, that sounds ridiculous).
I have to assume you're using "the other is your identity" in a way different from the thread here where they said all they need to know your name and account number? I have a digital identity which includes a password and multi-factor authentication, but again that's pretty far removed from something like anyone who knows your name and account number can withdraw whatever money they like.
I see. checked around some provider apparently sepa direct debit is only in selected european countries, it's scary because you just need iban + email to get started, albeit it will likely ask 2fa from the mobile app if one has it set up.
We have sepa direct debit here where I gave you the examples, and nobody is able to withdraw from each others accounts using the payment info we are all giving to each other. It’s not possible to set up a bank account without a password or 2fa.
What? Who would accept a cheque for anything in 2024? Sure, here's a piece of paper that says if you go to the bank I pinky promise there's some money in my account you can have. I'm nearly 40 and have never used a cheque in my entire life. They were outdated 30 years ago.
> I'm nearly 40 and have never used a cheque in my entire life.
I could say exactly the same a year and a half ago. And then I happened to move to Israel. And I was just as shocked as you would be to learn that most apartment postings say "payment: 12 checks". That means that they want checks for a year in advance. Often the landlord even prefers cash or (in my case) a scheduled transfer in bank app, and returns the checks when they get the money in their preferred way — but "pinky promise there's some money in my account you can have", I like how you put it, is still an important artifact to show your commitment to pay rent.
Last year my father in law passed away. While dealing with the estate I had to write perhaps 20 paper checks and received a similar number from various sales. Many of the vendors we dealt with only accepted paper checks or cash.
I did, however, pay one tow truck driver with chairs.
Just a reminder that everyone should setup a dedicated account for incoming money. Direct deposits go here, and then are transferred to a different account.
More sophisticated take over might be able to drain all of your accounts, but it is likely to limit your losses to a single pay period.
Yes, it would never have made sense to me to pay money to someone to earn money. I was 18/19, and had stupidly dropped out of a college I hated for a relationship and found a job posting in the paper for a "warehouse job". I called, they said come in for an interview. I was ecstatic, what a win! My girlfriend drove me there, and it was a door-to-door steak sales job. They told me all the usual you can make so much money doing this, you work your way up and make connections and grow your area. They told me at the end when I was almost into it that I would have to buy the steaks from them and pay myself off the difference.
I looked at the dumbasses around me buying it with fresh eyes and saw that they were people VERY MUCH not in good places in life and got up and walked out. 2 years of bullshit jobs later, I found my way back to the tech career I went to college for, but in support not development bc degree issues.
"This is not a job--it's a business opportunity, and like all business opportunities, it requires a meaningful up-front investment from you. This investment buys you access to the tools you need to [...]" - Fraudster
I can see trusting or impressionable 18-19 year olds falling for this, especially if this is their first interviewing experience and job offer--they might think it's normal.
What I'm far more concerned about with totally fake job listings are the foreign placement agencies that harvest data from resumes and interview native citizens to get information and terminology to prop up their foreign candidate's resume's over the native candidates.
The placement agency makes their candidates look far better based on the information mined from the resumes and interviews, they learn how to speak about technology they don't fully understand. The employee gets a placement, the Business gets a cheap H1B indentured worker, and the Agency gets a fatter commission for selling a "more qualified" candidate.