Adventurer: the number of summer job scams has increased in Russia
In Russia, before the start of the summer season, the number of fraud cases related to seasonal part-time job offers has increased. In January–April 2026, the number of such incidents increased by an average of 30% compared to the same period in 2025. Experts note that the peak of malefactors' activity is expected in May-June, during the period of the traditional growth in demand for temporary employment among students, high school students and seasonal workers. Courier delivery, warehouse logistics, promotions and summer field work remain the most popular categories. How not to become a victim of fraudsters — in the material of Izvestia.
What schemes are used by scammers?
The temporary employment market has become a convenient environment for attackers due to the high rate of recruitment and minimal verification of employers by applicants. Scammers copy vacancies from real companies, create pages disguised as HR managers, and then transfer communication to messengers, where it is easier to put pressure on a candidate, said Pavel Kovalenko, director of the Informzashita anti-fraud center.
According to him, in January – April 2026, the number of such cases increased by 27% compared to the same period in 2025. About 41% of the incidents were related to phishing forms disguised as employer questionnaires. Users were asked for passport data, SNILS, INN, bank details and SMS codes, allegedly for "quick registration." Another 27% of cases were related to prepayment schemes, such as medical books, workwear, training, or access to work shifts. After the transfer of money, the accounts of the "employers" disappeared. Fake applications for recording shifts and payments accounted for another 16% of incidents.
— Seasonal part-time work has always been based on trust and speed, and that's what attackers use. Their task is not to guide the victim for a long time, but to obtain personal data in 20 minutes, force a transfer or install an application," Pavel Kovalenko said.
In the first four months of 2026, the number of phishing pages related to employment increased by 30-35% compared to last year, two information security companies said. These are tens of thousands of cases of fraud, when fraudsters gain access to users' personal data and their accounts. Experts attribute this to the crisis in the labor market and the spread of the practice of combining main work with part-time jobs.
— Such actions are often based on job offers as a courier, warehouse manager, promoter, or maintenance staff. In such cases, the applicant often makes a decision quickly, without wasting time on a thorough review of the employer. This is what attackers use: in a hurry, a person's vigilance is dulled, he misses alarm signals and checks the reality of the company's existence less often," said Konstantin Larin, head of the cyber intelligence department at Bastion.
The increase in damage indicates the activities of organized criminal groups. Attackers are gradually moving from simple prepaid schemes to hybrid attacks, where the goal is not only a one-time transfer of money, but also gaining full control over the user's digital identity, said Igor Bederov, chairman of the coordinating Council of the non-governmental security sector of the Russian Federation, founder of the Internet Search company.
— According to our data, the number of confirmed incidents involving summer part-time work has increased by about 30% compared to the data of 2025. At the same time, for fraudsters, access to an account on "Public Services" is often more valuable than direct theft of money. This makes it possible to issue microloans or perform operations on behalf of a citizen," said Igor Bederov.
He also noted another problem: against the background of a shortage of personnel, employers began to overestimate the salary level in vacancies, especially in the segment of mass line staff. Ads for loaders, pickers and warehouse workers often indicate incomes at the level of 250-300 thousand rubles, but in practice such amounts are not achievable, and the actual income is no more than 100-120 thousand, Igor Bederov explained.
The expert also warned about the risks of involving applicants in dropper schemes. Under the guise of working with payments, people are offered to accept money to their bank cards and transfer it further to the alleged employer. In fact, such accounts are used to transit stolen funds.
— If a person has transferred money to fraudsters or participated in the transit of funds, his bank account may come under suspicion. In some cases, this leads to transaction blockages and additional checks," added Anton Bochkarev, CEO of information security companies 3side and 4sec.
The spread of the practice of combining core work with additional part-time jobs, which often do not require high qualifications, contributes to the growth of fraud, says the head of the Smart Business Alert service at ESA PRO (part of the Cross Technologies Group). Sergey Trukhachev.
— These are fake vacancies on well-known aggregator sites, imitation career pages, and offers of quick earnings through messengers. In general, compared to 2025, there were about 25% more phishing pages related to work in the first four months of 2026," he explained.
The problem was also confirmed by the .RU/.RF Domain Coordination Center. The share of malware incidents increased from 18.4% to 49.2% of the total number of requests in annual terms. At the same time, as part of the Domain Patrol project, since the beginning of 2026, competent organizations have sent almost 25,000 complaints to Russian registrars about the misuse of domain names in the zones.RU and .Russia, which is 39% more than a year earlier.
—In 2026, the threat structure has also changed: if phishing used to be the main category, now the spread of malicious software has come to the fore," said a data analyst at the RU/ Domain Coordination Center.Russian Federation Evgeny Pankov.
That is why one of the important measures to combat fraud and cyber attacks will be the introduction of mandatory identification of domain administrators through the unified ESIA system from September 1. This will complicate the registration of phishing and other malicious resources, reduce the opportunities for abuse and increase the overall security level of national domain zones, the expert recalled.
How important it is to choose the right sites
The main peak of such scams traditionally falls during the summer season. Attackers actively use the situation when people are looking for a quick income and are ready to agree to any conditions, said Alexander Sviridov, an independent HR recruiter.
— High school students, students and people who urgently need a part-time job become especially vulnerable. Scammers adapt old schemes to new platforms and make them more convincing," he said.
He advises using specialized, reliable job search sites at any time of the year, where there is stricter moderation of ads.
— Trust in the employer is the most important aspect when choosing a company. It is important to know how to distinguish a reliable employer, what questions to ask, and what details to pay attention to before making a decision. First of all, choose only trusted companies, study reviews about them and use reliable online platforms to search for vacancies. Large digital job services are developing employer verification systems, rating and review systems, and moderation, which help screen out questionable offers, the Avito Part-Time press service told Izvestia.
They reminded of the need to formalize the relationship with the employer officially, even if it is a short-term part-time job, and also do not forget to clearly coordinate the terms of cooperation: the scope of tasks, deadlines, amount and exact date of payments. All this should be recorded in the document. Any arrangement that is not fixed by a contract (GPH or labor) carries the risk of non-payment. Malefactors can use tactics of pressure on pity, haste, or offer "too favorable" conditions without formalities.
In addition, if the interviewee offers to pay for an internship, training, work clothes, equipment, or an "insurance premium," or asks you to send scans of your passport, INN, SNILS, and other documents in advance before concluding the contract, you should be careful. It is recommended to transfer such data only after official employment.
— If you are persistently offered to switch to third-party messengers, especially if the communication looks informal, and you are also asked to send bank card details (number, expiration date, CVV code), SMS codes or passwords from personal accounts — these are red flags that indicate a possible danger. A competent approach to job search and part—time work, based on careful verification and documentation of conditions, will help to avoid risks and earn additional income," the Avito Part-time Job press service added.
In general, the experts surveyed agree that during the seasonal growth of vacancies, applicants need to check employers, website addresses and sources of communication especially carefully. Experts recommend not clicking on questionable links, not installing apps from messengers, and not transferring money for "registration," training, or access to work shifts until the company's legality is confirmed.
Переведено сервисом «Яндекс Переводчик»
