He Was Laid Off, Posted on LinkedIn — Then Scammers Started Impersonating Real Recruiters to Target Him

The surge in recruiter‑impersonation scams reflects a broader shift in cybercrime toward social‑engineering on professional networks. By hijacking authentic LinkedIn profiles, fraudsters bypass many of the platform’s trust signals, embedding real‑world job descriptions and referencing actual resumes. This tactic, highlighted by recent Wall Street Journal reporting, leverages the credibility of established hiring managers while masking malicious intent behind personal email domains. As remote work expands and talent pipelines become increasingly digital, the attack surface for such deception grows exponentially.

For job seekers, especially those who publicly announce layoffs or display the #OpenToWork badge, the risk escalates dramatically. Scammers exploit the heightened vulnerability, sending polished outreach that promises senior positions at marquee firms like Blizzard Entertainment. The ultimate goal is data extraction—social security numbers, banking details—or extortion through bogus resume‑rewrite fees. Because the messages reference genuine openings and include verified LinkedIn links, many candidates overlook the tell‑tale mismatch in email addresses. Vigilance, such as cross‑checking corporate domains and contacting HR directly, is essential to avoid costly mistakes.

The phenomenon also forces corporations and platforms to rethink security protocols. Employers can institute mandatory recruiter verification badges and educate their workforce on phishing indicators specific to recruitment communications. LinkedIn, meanwhile, must enhance its detection algorithms to flag cloned profiles and provide clearer warnings about non‑company email senders. As the line between legitimate networking and fraud blurs, a coordinated response—combining user awareness, technology safeguards, and swift incident reporting—will be critical to preserving trust in the digital hiring ecosystem.