In the second quarter of 2025, Russia experienced a sharp rise in fraud cases specifically targeting individuals searching for employment. According to reports from Izvestia newspaper and the DLBI vulnerability and data leak intelligence service, cybercriminals have devised new methods to deceive job applicants.
Among these schemes are invitations to fraudulent online interviews conducted via counterfeit pages of video conferencing services, such as fake Google Meet interfaces. The primary objective of these fake interviews is to trick users into divulging their login credentials, granting attackers access to their accounts, particularly Gmail.
Another prevalent tactic involves sending applicants test assignments in files that contain malicious software designed to steal data from their computers. Fraudsters may also instruct candidates to install specific software on their device, falsely claiming it is necessary for system checks, when in reality, it is a virus.
Notably, one scheme specifically targeted IT specialists: they were asked to compile a test task from source code, which also resulted in the infection of their devices with malware. These deceitful job offers are primarily disseminated through specialized Telegram channels dedicated to job hunting.
Earlier reports also highlighted other types of fraudulent activities, such as calls from individuals posing as military recruitment officers to steal data for the Gosuslugi (State Services) portal, or elaborate schemes to deceive individuals through invitations to watch movies together on fake online platforms.
