Be Aware of Recruitment and Email Phishing Scams

Career seekers are encouraged to exercise caution when sharing personal information online and to verify the authenticity of any recruitment-related communication before responding.

To help protect yourself from phishing attacks and recruitment scams, follow these guidelines:

  • Never share passwords, PINs, one-time passwords (OTPs), online banking credentials, or credit card information. Legitimate recruitment agencies and employers will never request this information from candidates.
  • If you are unsure whether a communication is legitimate, contact the company or recruitment agency directly using the contact details published on its official website.
  • Be cautious of emails, messages, or job offers that create a sense of urgency, request confidential information, or ask for payment in exchange for employment opportunities.
  • Verify the sender’s email address carefully. Scammers may use email addresses that closely resemble those of legitimate organisations.
  • While spelling and grammatical errors can sometimes indicate a scam, many phishing emails are now professionally written. Always verify the sender and the authenticity of the request.
  • On mobile devices, press and hold a link to preview the destination URL before clicking. On a computer, hover your mouse over a link to view the website address and confirm that it directs to a legitimate domain.
  • Never click on suspicious links, open unexpected attachments, or download files from unknown sources.
  • Be wary of job offers that seem too good to be true, particularly those offering unusually high salaries, immediate employment without an interview, or requests for upfront payments.
  • Legitimate recruitment agencies and employers will never ask candidates to pay fees in exchange for employment opportunities.
  • If you suspect fraudulent activity relating to a job application or recruitment process, contact the organisation directly to verify the communication before taking any action.