Urgent warning issued about alarming Kmart and Bunnings scam that targets Australians looking for a job
- Scammers are posing fake job ads for Bunnings and Kmart on social media
- Ads offer high wages working from home without a computer and daily pay
- People who click on the ads are asked for personal details and banking details
Scammers are targeting job seekers with fake ads offering lucrative positions at employers such as Bunnings and Kmart.
The ads, which copy the branding of the retail giants, have been posted to Facebook and promise high hourly rates of $48-$65 for full-time and part-time positions that can be done from home with daily pay.
Job hopefuls are told they don’t need any experience and can do the work just using a mobile phone.
Fake job ads for retail giant Bunnings have been posted on Facebook to lure people into giving scammers their personal details
After would-be applicants click on the Bunnings ad they are sent to a website that does not belong to the company and asked for personal information and bank details.
The Kmart ad sends people to WhatsApp, where they are also asked for personal information.
This type of scam is called phishing, where victims are deceived into handing over personal information that can be used by hackers to impersonate them online and access their finances.
Bunnings managing director Mike Schneider said the company was working with Facebook to get the fakes ads taken down.
‘Bunnings places a lot of time and effort into recruiting our amazing team and we are in no way associated with the scam material,’ he told Channel Seven.
Scammers have also been posting fake jobs that copy the logo of retailer Kmart to trick victims
‘We don’t ask for personal information, or banking details, in unsolicited communications.’
Kmart said it was aware of the scam and reporting the fake ads.
The Australian Competition and Consumer Commission (ACCC) watchdog warned that job ads offering ‘guaranteed’ easy money working from home with little effort and no qualifications should be treated with suspicion.
Other warning signs are being asked early on for personal details or being asked to pay a fee for more information.
Bunnings says that it is working with Facebook to get the fake ad jobs taken down from the social media platform
Scam advertisers might also have no street address and websites that contain spelling or grammar errors.
The ACCC advised anyone who suspects they have been taken in by a scam and given away personal information, such as banking details, Medicare, tax file or passport numbers, to contact the relevant institutions or agencies.
The should also report the scams to the ACCC and to any companies or agencies that the scammers are impersonating.
Australians are predicted to lose $4billion to scammers this year, double last year’s total.
Shara Evans’ 10 tips to stay safe online
Shara Evans is a technology futurist and expert in online safety. Here are her tips to stay safe from hackers
1. Get basic IT security on devices including anti-virus programs, malware checkers, ransomware checkers, VPN, firewalls.
2. Use different passwords for every website and app. Make them long and complex – upper plus lower case letters, numbers, special characters. Save your passwords in an encrypted password vault.
3. Use two-factor authentication whenever possible (ie: logging into a secure bank portal requires you to provide an authentication code that’s sent to you via text or email or requires a SecureID token number)
4. Use multiple email addresses. If you own a domain, it’s easy to set up an email alias (‘forwarder’) that names a specific site or type of activity. If compromised you can then disable an email alias address without impacting everything that you do. And, it will help you to identify the source of the leak.
5. Check your credit reports for signs of fraudulent activity – or wrong info.
6. Sign up for a credit/ID protection plan and put in place credit report bans if you have reason to suspect that your ID is compromised.
7. NEVER click on text or email hyperlinks that you don’t absolutely know are legit. Lots of people get in trouble this way. You can check a compressed link by copying it and entering it into the SEARCH BAR to see what shows up. If it’s malware, you may see a notice. At the very least, check if the source domain seems suspicious, in which case don’t click it!
8. When uploading any sensitive info to a website portal check for the lock icon (https) – this means that your data is encrypted ‘in transit’ when its uploaded to the website. Company cyber security practices vary widely.
9. If someone phones you saying they’re from Company X – NEVER give out any info to them, unless you know them and are already expecting a call from a specific phone number or person.
10. NEVER publish your birthdate online! If you have it on social media DELETE it now. Unless you are doing an official financial transaction, there are very few good reasons for any party to know your real birthdate, much less store it.