Hacker News

Subscribe to Hacker News feed
Hacker News RSS
Updated: 7 min 13 sec ago

In Search of the Perfect Soap

Sun, 11/17/2024 - 9:56am
Categories: Hacker News

Ask HN: Interesting MITM Employment Scam?

Sun, 11/17/2024 - 9:47am

I got an employment offer out of the blue on LinkedIn matching my skills, from a “Frank B”, “Talent acquisition specialist @ Gauntlet” from supposedly Beaverton, Oregon with no picture. It didn’t mention what company it was for, but seemed interesting otherwise. I submitted a (public) link to my resume and other info about me.

They said: Sounds good. We’re moving quickly because the project is on a tight schedule, so we’re keeping our hiring process simple.

First, we’ll narrow down candidates based on their resumes. Next, there will be a 20-minute online skills assessment. Then, we’ll conduct a 30-minute HR interview. Finally, we’ll extend an offer.

We’ll review your resume and get back to you soon.

I said Sounds good. Heard nothing for a while. Yesterday I wrote: Any updates?” And I received this today:

Thank you for your interest in the opportunity with us. We appreciate the time and effort you put into your application.

We are pleased to inform you that you have successfully passed the initial resume review! As the next step, we invite you to complete a second technical assessment.

Please find the link to the assessment below:

https://app.willotalent.us/invite/REDACTEDHERE

Make sure to complete it by tomorrow, as we will review your results shortly after. If you have any questions, feel free to reach out.

We wish you the best of luck!*

The title says “Recording a Great Interview” LOL.

I was suspicious and looked at the domain site root page, which has a parking page.

It seems to be a proxy for “willo.video”. Clicking the button opens a proxy page which seems to launch into 3 questions, that it seems to proxy.

What happens when I answer these questions, I wonder? Surely at some point the company would want to interview me and ask my name, no? Probably there will never be any interactivity and the MITM site will ask me static questions for video responses, or maybe it will have someone in near-real-time give same answers to the employer but change the name?

I simply replied “can you tell me which company I’m interviewing for?

The incongruence of the response times with the new time pressure, and the vague nature of the employer tipped me off. The LinkedIn profile did have 75 connections, some of them to verified accounts of the CFO and top people at this “Gauntlet” firm.

I requested to connect to a couple of them on LinkedIn and will ask about this “Frank B.” But my question is: should I complete this assessment? What do you think would happen?

With AI, by the way, the MITM could be trivial, replacing just the names in my voice etc. One has to wonder how remote jobs could even work, if the MITM of interviews could be complete, and then don’t turn on the camera for a while. Or even turn on the camera but the AI voice and face changer does the rest.

The scams where someone poses as a lender or employer to get your personal data at the end are devious, but at least they are trivial: https://consumer.ftc.gov/consumer-alerts/2023/05/scammers-are-hijacking-job-ads-heres-how-spot-fakes https://www.reddit.com/r/recruitinghell/comments/13v1fcc/sighs_i_get_contacted_via_text_about_a_remote_job/

My question is what if this is a true MITM. Like this: https://drjohnsullivan.com/articles/identify-fraud-with-remote-hiring-could-your-new-hire-be-an-impersonator/ https://www.reddit.com/r/ExperiencedDevs/comments/16c6d1c/my_company_just_hired_a_bait_and_switch_person/

I imagine that the entire job search marketplace and every other marketplace (eg dating) has been MITMed for resumes and profiles for decades, at least by agencies to “stuff with good candidates/employers that are too bus to respond”. It was hard to invent entirely fake profiles, until AI, so real ones could be used like that.

Comments URL: https://news.ycombinator.com/item?id=42164448

Points: 1

# Comments: 1

Categories: Hacker News

How to Improve at Peer Review?

Sun, 11/17/2024 - 9:31am

I've recently joined a new company and I've begun to realize that I had never previously been exposed to good PRs and general peer review. My colleagues seem able to pick up on many details that could be improved in each others' and my code. These range from minor comments about docstrings, variable names to more general comments about the philosophy of the codebase and particular function implementations. Whereas I find it hard to pick up on anywhere near the same amount of detail. Are there any good resources out there on how to achieve a thorough review, akin to the resources available on how to read a scientific paper? Any tips from the community?

Comments URL: https://news.ycombinator.com/item?id=42164366

Points: 1

# Comments: 0

Categories: Hacker News

Haskell Mafia

Sun, 11/17/2024 - 9:05am
Categories: Hacker News

Pages