Beware! Don’t Fall For The Fake Atlassian Job Offers

Atlassian, the collaboration software company behind popular tools like Jira, Confluence, and Trello, has become aware of an increasing number of fraudulent job offers being made in their name. These scam job offers are often promoted online or via email, and try to lure applicants in with promises of lucrative roles at Atlassian. However, they are not genuine and applicants risk compromising personal information or losing money if they engage with these fake opportunities.

Scams

Overview of the Atlassian Job Scam

The Atlassian job scam involves individuals or groups posing as recruiters or employees of the company to entice job seekers with fake positions. They may promote these fabricated roles on job boards, social media, messaging platforms, or by email. Often the scam positions boast very generous salaries and benefits in order to attract as many applicants as possible.

Once an applicant shows interest, the scammers will try to harvest personal details like date of birth, ID numbers, home address, and banking information. In some cases, they may even conduct fake “interviews” via chat or video calls to try to legitimize the role and collect more data.

Victims of the scam are manipulated into handing over sensitive information that could lead to identity theft and financial fraud. The scammers benefit by stealing private data they can exploit or sell on the black market.

How the Atlassian Job Scam Works

The fraudsters carrying out these scams are sophisticated and have found ways to make the job offers appear credible. Here are some of the common tactics they use:

  • Imitating authentic Atlassian email addresses – Using slight variations on real email addresses from the company’s domain, e.g. jobs@atlassian-careers.com instead of jobs@atlassian.com.
  • Posting on legitimate job boards – To post on reputable sites like LinkedIn, Indeed or AngelList, scammers impersonate real employees or exploit vulnerabilities to make fake company accounts.
  • Cloning the real Atlassian careers site – Copying the visual design and content of the official site to make their own fake portal seem credible.
  • Name dropping senior leaders – Pretending to be or reference senior executives like Mike Cannon-Brookes to convince applicants of the role’s importance.
  • Offering referral bonuses – Encouraging applicants to refer friends in return for bonus payments in an attempt to expand their scam reach.
  • Conducting fake video interviews – Holding elaborately staged video calls to further convince victims the roles are real.
  • Pressuring urgent response – Pushing applicants to provide personal information quickly before any checks can be carried out.
  • Requesting untraceable payment transfers – Asking for funds to be sent via methods like gift cards which cannot be recovered.

How to Spot Atlassian Job Scams

While the scam artists go to great lengths to make their fake Atlassian job offers seem legitimate, there are some key warning signs applicants can watch out for:

  • Role seems too good to be true – Exceptionally high salary or senior position offered despite applicant’s experience.
  • Requests for personal details upfront – Asking for private info early in the process is a major red flag.
  • Interview via chat or email only – Atlassian conducts all interviews via phone call or video conference, never chat or email.
  • Offer for job applicant didn’t actually apply for – Receiving an offer out of the blue for a role the applicant didn’t actually submit an application for.
  • Urgent time pressure to accept offer or provide info – High pressure tactics to force quick decisions or sharing of personal data are highly suspicious.
  • Domains impersonating Atlassian’s – Email addresses using variations of the real Atlassian domain like “@atlassian-ventures.com” or “@atlassian.careers” are fakes.
  • Spelling and grammar issues – Phishing emails often contain spelling, grammar and formatting issues uncommon in official corporate communications.

What to Do if You Are a Victim of the Scam

If you have already engaged with a suspicious Atlassian job offer and handed over any amount of personal information, there are steps you should take right away to limit the potential damage:

  • Contact your bank if you shared any financial information – Your bank can monitor your accounts for suspicious activity and help prevent fraudulent transactions.
  • Change online account passwords – Update passwords on any online accounts for which you shared credentials with the scammers. Enable two-factor authentication where possible.
  • Place fraud alert on your credit file – Your credit agency can add an alert to flag any unusual activity on your credit file requiring verification.
  • File police report – Reporting the fraud to local law enforcement creates an official record and may aid investigations.
  • Report to the FTC – Notifying the Federal Trade Commission adds your case to the database for tracking and prosecuting scams.
  • Notify Atlassian – Forward any scam emails you received to Atlassian at abuse@atlassian.com to aid their efforts in getting fake domains shutdown.
  • Be vigilant about any further contact – Scammers may pretend to be law enforcement or Atlassian follow-up to coerce you into additional actions. Avoid engagement.

By acting quickly, victims can help contain the potential impacts and prevent their case from fueling ongoing scam operations. Atlassian also urges reporting of all fraudulent activity to aid their legal investigations.

Conclusion & Key Takeaways

Unfortunately, large prominent brands like Atlassian are often targets for these kind of phishing scams aiming to exploit job seekers. However, understanding common tactics the fraudsters use and acting cautiously when interacting with potential employers online can help protect against compromising your personal data or money.

Key takeaways if you are pursuing Atlassian job opportunities or any other roles:

  • Scrutinize email addresses and domains in correspondence to ensure legitimacy.
  • Avoid sharing personal info like banking details with recruiters upfront.
  • Conduct video interviews only via official company tools – never chat or email.
  • Watch for high pressure tactics urging urgent response or transfers.
  • If it seems too good to be true, it likely is. Exercise caution.
  • Report any suspected scam attempts to Atlassian so they can act to get them shutdown.

Exercising caution and awareness when interacting with unknown parties claiming to represent reputable companies can help job seekers avoid the pitfalls of employment scams. Atlassian recommends verified opportunities be explored only through their official careers site and recruiter communications.

Frequently Asked Questions

How do the scammers obtain applicant contact details?

The scammers likely harvest publicly available data from sources like LinkedIn and job board profiles. They may also buy databases of resumes and contact info illegally obtained from previous breaches.

What are the risks if I provide my personal info to scammers?

At a minimum, scammers may use your info for identity theft purposes to open fraudulent accounts. Bank details can lead to draining of funds from your accounts. Other data could be sold on the dark web.

Should I report scam emails I receive?

Yes, you should report to Atlassian at abuse@atlassian.com and to the platform on which you received them. This aids investigation and removal of scam accounts.

How can I tell if a job offer email is real or fake?

Closely scrutinize the domain name – any variation on the official “@atlassian.com” indicates a scam attempt. Also look for poor grammar, urgent demands, and interview requests via chat/email as red flags.

Is it safe to apply to Atlassian roles on third party job sites?

Apply with caution as scammers do frequently post fake roles on third party sites. Carefully validate email addresses and domains match Atlassian’s real ones before engaging.

Can Atlassian help if I lost money to a scam already?

Unfortunately Atlassian cannot provide direct financial restitution, but reporting the details to them can aid legal investigations to stop the scammers and recover funds where possible.

By remaining vigilant and acting prudently, job seekers can avoid becoming victims of scams impersonating reputable firms like Atlassian. Report any suspicious correspondence to help curtail the operations of these fraudulent actors and protect yourself and others from potential harm.

How to Stay Safe Online

Here are 10 basic security tips to help you avoid malware and protect your device:

  1. Use a good antivirus and keep it up-to-date.

    Shield Guide

    It's essential to use a good quality antivirus and keep it up-to-date to stay ahead of the latest cyber threats. We are huge fans of Malwarebytes Premium and use it on all of our devices, including Windows and Mac computers as well as our mobile devices. Malwarebytes sits beside your traditional antivirus, filling in any gaps in its defenses, and providing extra protection against sneakier security threats.

  2. Keep software and operating systems up-to-date.

    updates-guide

    Keep your operating system and apps up to date. Whenever an update is released for your device, download and install it right away. These updates often include security fixes, vulnerability patches, and other necessary maintenance.

  3. Be careful when installing programs and apps.

    install guide

    Pay close attention to installation screens and license agreements when installing software. Custom or advanced installation options will often disclose any third-party software that is also being installed. Take great care in every stage of the process and make sure you know what it is you're agreeing to before you click "Next."

  4. Install an ad blocker.

    Ad Blocker

    Use a browser-based content blocker, like AdGuard. Content blockers help stop malicious ads, Trojans, phishing, and other undesirable content that an antivirus product alone may not stop.

  5. Be careful what you download.

    Trojan Horse

    A top goal of cybercriminals is to trick you into downloading malware—programs or apps that carry malware or try to steal information. This malware can be disguised as an app: anything from a popular game to something that checks traffic or the weather.

  6. Be alert for people trying to trick you.

    warning sign

    Whether it's your email, phone, messenger, or other applications, always be alert and on guard for someone trying to trick you into clicking on links or replying to messages. Remember that it's easy to spoof phone numbers, so a familiar name or number doesn't make messages more trustworthy.

  7. Back up your data.

    backup sign

    Back up your data frequently and check that your backup data can be restored. You can do this manually on an external HDD/USB stick, or automatically using backup software. This is also the best way to counter ransomware. Never connect the backup drive to a computer if you suspect that the computer is infected with malware.

  8. Choose strong passwords.

    lock sign

    Use strong and unique passwords for each of your accounts. Avoid using personal information or easily guessable words in your passwords. Enable two-factor authentication (2FA) on your accounts whenever possible.

  9. Be careful where you click.

    cursor sign

    Be cautious when clicking on links or downloading attachments from unknown sources. These could potentially contain malware or phishing scams.

  10. Don't use pirated software.

    Shady Guide

    Avoid using Peer-to-Peer (P2P) file-sharing programs, keygens, cracks, and other pirated software that can often compromise your data, privacy, or both.

To avoid potential dangers on the internet, it's important to follow these 10 basic safety rules. By doing so, you can protect yourself from many of the unpleasant surprises that can arise when using the web.