Ghost Jobs Aren’t Just Wasting Time—They’re Fueling Cybersecurity Scams
The latest Bitdefender report highlights a disturbing trend: scammers are using fake job ads to steal personal data, compromise networks, and trick even seasoned professionals in the cybersecurity industry. But beneath the technical sophistication of these schemes lies a much simpler root cause: ghost job postings.
Ghost jobs—ads for positions that aren’t actually open—are often used by companies to collect resumes for future hiring, inflate perceived growth, or test the job market. But their proliferation creates a breeding ground for fraud. The more noise there is in online job listings, the easier it is for malicious actors to blend in.
Here’s what Bitdefender found:
Scammers are impersonating real companies, posting fake roles that mirror legitimate openings.
Applicants are asked to download malicious software disguised as onboarding tools or complete phishing-filled forms with personal information.
Even cybersecurity professionals are being targeted—meaning no one is immune.
And this isn’t just happening in sketchy corners of the internet. These scam listings are appearing on mainstream job boards. Why? Because there's little regulation, no consistent verification process, and no accountability.
This is exactly what the Truth in Job Advertising and Accountability Act (TJAAA) aims to fix.
The TJAAA would:
Require job ads to reflect real, currently available opportunities.
Mandate disclosure of third-party involvement in hiring.
Prohibit deceptive listings and hold bad actors accountable.
Provide a private right of action to victims—including job seekers tricked by ghost postings.
Ghost jobs aren’t just an annoyance. They erode trust, distort labor market data, and now—they’re endangering people’s digital safety.
The time for voluntary reform has passed. It’s time for real accountability in job advertising.