Recruitment scam FAQ
Everything you need to know about spotting recruitment scams, verifying recruiters, and protecting your personal data if you have already been targeted.
Run a free recruitment scam scanHow do I know if a recruiter is real or a scam?
Key warning signs include recruiters who contact you out of nowhere with unusually high salaries, ask for personal financial information early in the process, use generic email domains instead of company addresses, have no verifiable LinkedIn presence, or pressure you to act quickly. Legitimate recruiters work for identifiable companies and do not rush you into sharing bank details or paying fees before you have a signed offer. If several of these signals appear together, treat the outreach as high risk until you can verify it independently. RecruitShield is a free tool that checks recruiter and job details against known scam patterns and returns a clear risk score.
What is a ghost job listing?
A ghost job is a job posting that is either no longer active or was never intended to be filled — companies sometimes leave listings live to build a candidate pipeline or accidentally forget to remove them. Scammers also use fake postings to harvest CVs, contact details, and identity documents from applicants who believe the role is genuine. Warning signs include jobs that stay open for many months, vague descriptions, or listings that never progress to interview despite easy qualifications. RecruitShield helps identify suspicious postings before you invest time in applying or sharing personal data.
Is RecruitShield free to use?
Yes. RecruitShield's core scan functionality is completely free with no account required — you only need an email address to receive your report. There are no subscriptions, paywalls, or hidden fees for running a recruitment scam scan or reading your risk report. It is built by Recberry as a public resource to protect job seekers from recruitment fraud.
Does RecruitShield store my messages or personal data?
No. Any evidence you submit - emails, WhatsApp messages, screenshots - is processed in memory during the analysis and permanently deleted once your report is generated. Only anonymised patterns (hashed identifiers, no names or messages) are stored if you choose to contribute to the community database.
A recruiter asked me to pay for a background check. Is this normal?
No. Legitimate employers and recruiters never charge candidates any fees during a hiring process. A request to pay for a background check, training materials, equipment, or any other onboarding cost is a definitive red flag for recruitment fraud. Stop all communication immediately.
The recruiter is using a Gmail address but claims to work at a major company. Should I be concerned?
Yes - this is one of the strongest signals of recruitment fraud. Legitimate recruiters at established companies always use their company email domain (e.g. @wellsfargo.com, @google.com). A Gmail, Yahoo, or Outlook address for someone claiming to recruit on behalf of a major employer is a major red flag.
How do I verify a recruiter is legitimate?
Check four things: (1) Their email domain matches the company they claim to represent. (2) Their LinkedIn profile has years of history, endorsements, and mutual connections. (3) The job is listed on the company's official careers page. (4) Run a free RecruitShield scan - it checks all of this automatically and gives you a risk score.
What is the difference between an internal recruiter and an external headhunter?
An internal recruiter is employed directly by the company they recruit for - they use a company email and appear on the company's LinkedIn and website. An external recruiter (headhunter) works for a separate agency and recruits on behalf of client companies. External recruiters legitimately use their agency email, do not post jobs on their agency website, and proactively share details about their client. RecruitShield handles both types correctly - select the appropriate option when running a scan.
I am an external headhunter. Will RecruitShield give me a false positive?
No. RecruitShield has a dedicated external agency flow. When a job seeker selects "External agency / headhunter," the tool applies headhunter-appropriate signals: it will not flag you for using an agency email, not posting jobs on your website, or sharing client company details. The risk scoring is adjusted accordingly.
What are the most common types of recruitment scams?
The four most common types are: (1) Advance fee scam - you are asked to pay for a background check, training, or equipment before starting. (2) Identity theft - a fake onboarding process collects your passport, bank details, or national ID. (3) Fake job offer - a non-existent role is used to harvest your CV and personal data for resale. (4) Impersonation - a scammer uses the stolen name and photo of a real recruiter from a real company to appear credible.
How does RecruitShield detect scammers?
RecruitShield runs parallel checks: email domain validation, domain age analysis (WHOIS), digital footprint assessment, Google search signals, and a lookup against the community scammer database. The results are then analysed by AI (Google Gemini 2.0 Flash) which produces a 3-layer structured report covering publicly verifiable facts, OSINT correlations, and technical risk assessment.
I lost money to a recruitment scam. What should I do?
Act immediately: (1) Report to your local police and obtain a case number. (2) Contact your bank to attempt a chargeback if money was transferred. (3) Report the scammer on the platform where contact was made (LinkedIn, WhatsApp). (4) Report to the company being impersonated - they have fraud teams. (5) Submit a report to the RecruitShield community database to protect other job seekers. In the Czech Republic, report to the Czech Police (Policie CR) and AFIS.
Can I report a scammer even if I did not run a scan?
Yes. You can submit a direct scam report at /job-seekers/recruitshield/report-scammer without running a scan. Your report is reviewed by the Recberry team and contributes to the community database.
How does the community scammer database work?
When a job seeker contributes their report, only anonymised signals are stored - hashed email addresses, platform, fee information, and their story. No raw personal data is retained. When another job seeker later scans the same recruiter or email, they see: "N job seekers previously reported a recruiter matching this profile."
What is a Company Hiring Trust Score?
A free analysis of how a company's brand appears to job seekers when scammers try to impersonate them. It scores 7 signals including domain age, careers page quality, LinkedIn verification, and active scam reports. Companies with low scores have gaps that make impersonation easy. Available at /job-seekers/recruitshield/company-check.
Is RecruitShield available in languages other than English?
Currently RecruitShield operates in English. Czech language support is planned. The tool is effective for analysing recruiters and companies globally.
Who built RecruitShield?
RecruitShield was built by Barbora Jenšík, Founder and Principal Recruiter at Recberry s.r.o., based in Prague, Czech Republic. As an experienced headhunter, Barbora observed sophisticated recruitment scams targeting job seekers firsthand and built RecruitShield to give job seekers concrete, verifiable analysis rather than generic warnings.
Have a specific recruiter you want to check?
Run a free RecruitShield scan. Submit the recruiter's details and get a full 3-layer risk report in under 60 seconds.