Security Center

Welcome to the JobKiwi Security Centre

JobKiwi is dedicated to providing the safest possible environment for you to search for jobs and manage your career. To assist with that goal, we ask that you keep a few simple security precautions in mind when evaluating job postings on JobKiwi and job opportunities that you may receive unsolicited via email. While JobKiwi makes every effort to prevent this abuse, it is not immune to such activity.

On these pages, you can learn more about some of the most common internet security threats, what you can do to protect yourself, and what we do to ensure your details remain secure.

1. Common security threats

1.1 Money laundering

Job seekers are an increasingly common target for money laundering scam emails. Typically, these emails concern a job offer and the sender may claim to have found your details on a job site such as JobKiwi. They often offer job titles such as "transaction manager" or "accounts assistant".

Money laundering scams usually have five key stages:

  • A job seeker responds to a fake email job offer
  • The job seeker is asked for their bank details
  • A cheque is paid into the job seeker's bank account
  • The job seeker is instructed to transfer a portion of the funds into another account (often via a money transfer service, such as Western Union or MoneyGram) and keep the remainder as their payment
  • Once the job seeker has transferred the money, the cheque bounces and the victim are left with the debt

Falling victim to a money laundering scam is not only distressing, it can also affect credit ratings and bring victims under suspicion of criminal activity.

However, there are a number of tell-tale signs to look out for to help you spot a potential money laundering scam:

  • Are you being offered an opportunity to work from home? Usually, this type of scam email includes the offer of a great opportunity to work from home as a transaction processor or similar.
  • Is the salary offered realistic? Usually, the fake jobs being offered in this type of scam offer an unrealistically high salary.
  • Are you being asked for bank details? Money laundering scammers will ask you for your bank details. You should never give these out to a company you don't completely trust.
  • Do you have a personal contact? In most money laundering scams, communication will be carried out entirely over email and/or instant messaging, with no telephone or face to face contact.
  • Are there spelling and grammar mistakes in the email? Phishing emails often originate from outside the US or UK and spelling and grammar mistakes are common.

If you are suspicious of any email you receive, please contact us including the subject line of the email you received, and the email address it was sent from.

1.2  Phishing

1.2.1 What are Phishing Scams?

Phishing scams are cleverly disguised communications through which scammers attempt to get your account login credentials. These scams most commonly show up in the form of email messages, but may also appear through instant messages, text messages, and even in phone calls.

These phishing messages are designed to appear as though they were sent by a legitimate company. In email phishing, scammers will usually forge the From email address to make it appear to be from the company or person it is pretending to be. They will also use logos and graphics from the legitimate company’s web site and create an email which looks similar or identical to actual messages the company might send.

The links contained within an email phishing message usually lead the recipient to a false website. These false sites are usually identical or very similar to the site to which the recipient thinks they are traveling. Once the recipient has "logged in," however, the site owner (scammer/phisher) has and can use the recipient’s login information. Sometimes these sites will contain additional fields to be completed and often request that the victim update their banking, payment, or other sensitive information.

Perhaps most importantly, these scam messages, regardless of how they are delivered, are written in a way to trick the recipient into immediate action by using urgent or threatening language. Almost all of these phishing messages indicate to the recipient that his or her account will be shut off if he or she does not comply with the requested action in the message. Most companies will not contact you through email, instant message, or text message for urgent account updates. JobKiwi will not send you an email requiring any updates to your account or threatening to close the account if you don’t take a particular action.

More recently, email phishing messages have included additional threats to the recipient by not only tricking him or her into providing login and other sensitive information, but also into downloading malware(Short for "malicious software," malware refers to software programs designed specifically to damage or disrupt a system. Common examples of malware include viruses, worms, trojan horses, and spyware. Viruses, for example, can cause havoc on a computer's hard drive by deleting files or directory information. Spyware can gather data from a user's system without the user knowing it. This can include anything from the Web pages a user visits to personal information, such as credit card numbers) onto the recipient’s computer system. This malware, usually a Trojan horse program or even a mix of programs, can often sit on the recipient’s computer to capture data from the hard drive and track the user’s keystrokes.

If you receive an email that you suspect might be a phishing attempt, don’t click on the URL within the message! Please be sure to check the destination URL on the link contained within BEFORE attempting to login or submit any information. By simply hovering your mouse pointer over the URL, many email applications will display information on where the URL actually takes you. You can also "view source" or "show original" message in many applications based and online email viewers.

When in doubt, contact a trusted source at the company, such as calling their Customer Service department, to verify what communications have come from them. It is also recommended to hand type the known URL of the company into the web browser before logging in instead of clicking on any links sent to you within messages purporting to be from the company.

If the email in question appears to be from  JobKiwi, contact us to verify if the email is legitimate before performing any actions.

1.2.2 What are the signs of Phishing Scam?

  • The message does not address you by your actual name, but instead addresses you as: "User," "Customer," "Client," "Member," etc.
  • The message uses threatening, urgent or alarming language in regards to your account access; e.g. "Your account has been suspended," "Security Update Required," "New software download required for continued access," etc.
  • Hovering your mouse pointer over the link, or viewing the source message, reveals a URL that does not appear related to the company supposedly sending you the message.
  • The link within the message is a truncated (shortened or tiny size) URL which then redirects you to the actual web site.
  • The message contains spelling errors, grammatical errors, awkward wording or phrases, or a combination of all of these.
  • The message includes attachments that you are asked to download or open.
  • You are being asked to provide information that the company should already have or should not need to know such as: user name and password, payment information, banking information, credit card numbers with security code, Date of Birth, Driver's License number, or even National Identification Number.
  • Remember that JobKiwi will NEVER ask you to update your account via email through a link requiring you to login.
  • If you receive an email of this nature that appears to come from  JobKiwi, immediately contact us to verify if the email is legitimate before performing any actions.

1.2.3  How do I protect myself from a Phishing Scam?

  • Do not click on links within email – it is suggested that you type out the domain URL within your browser to help ensure that you are going to a company's actual website.
  • Hover your mouse over the link and it will reveal the true URL – if it is not the known URL for that company’s site (even if it looks similar), don’t click it!
  • Do not provide any Personal Information via email or through links sent to you in email.
  • Keep your computer’s Operating System regularly patched and updated.
  • Keep your AntiVirus(Antivirus software is a computer program that detects, prevents, and takes action to disarm or remove malicious software programs. Malicious software, or "malware" includes: viruses, Trojans, keyloggers, hijackers, dialers, and other code that vandalizes or steals your computer contents.) software consistently up-to-date and perform regular system scans.
  • The message includes attachments that you are asked to download or open.
  • Remember that JobKiwi will NEVER ask you to update your account via email through a link requiring you to login.
  • If you receive an email of this nature that appears to come from JobKiwi, immediately contact us to verify if the email is legitimate before performing any actions.

1.2.4 What do I do if I am the victim of a Phishing Scam?

  • Reset your JobKiwi password immediately through the "Forgot password" link located on the sign-in page.
  • Employers should contact their JobKiwi Customer Support Specialist and/or Sales Representatives to make them aware of the situation- they can work with our Customer Support Team to make sure the user’s account is secured.
  • Perform a scan of your computer system with up-to-date AntiVirus software; if on a corporate computer, contact your Tech Support immediately for assistance and advise them of the situation.
  • If malware is found on your computer, it is recommended to reset your password again through your Customer Support Specialist or from a verified malware-free computer system; you may also want to reset passwords for any other accounts you may have accessed through the infected computer.
  • Disregard all future emails that require you to update account information.
  • Forward the original phishing email message with full extended headers to our Customer Support Team so that we can take action immediately.

1.3 Identity theft

Identity theft occurs when an individual steals personal details from someone else and uses the information to fraudulently impersonate that individual. Victims of ID theft often find that their details are used to open bank accounts and obtain credit in their name.

Identity theft can only take place where a criminal has been able to gain access to enough personal details to create false documents in another person's name. In order to avoid becoming a victim of identity theft:

  • Never give out sensitive Personal Information such as your bank details, date of birth, National Identification Number or a copy of your passport in relation to an email
  • Look out for spelling and grammar mistakes in emails you receive
  • Never give out your sign in details in response to an email

If you suspect that you have been a victim of identity theft, you should contact the police as soon as possible.

2. What you can do to protect yourself

2.1 Account security

When it comes to your JobKiwi Profile, employer account and other online accounts, your password is the key to your site experience and Personal Information. While JobKiwi takes proactive security measures to protect your account information, you should actively protect your account information as well by keeping your password secure from unauthorized access.

In addition to having access to the products and services associated with your account, users who gain access by unauthorized means may attempt to use the data they have stolen to target phishing emails to you. In most cases, you would not notice your account has been compromised until it is too late.

With this in mind, here are some simple ways you can protect your account information:

  • Use a complex password. By choosing a complex password, you can increase the security of your account and prevent malicious use of JobKiwi's products and services.
  • Change your password regularly.
  • Never use the same password for multiple accounts - this will increase your security.
  • Never email anyone your password, and most importantly, never respond to an email asking for your password. JobKiwi will never email you asking you to supply us with or confirm your password, nor will JobKiwi ask you to download any software, “tool,” “online form” or “access agreement” in order to use your JobKiwi Profile account.
  • JobKiwi will also never call you asking for your username and/or password. You are the only person who needs to know your password. Don't share it with anyone. If you receive a phone call from someone claiming to be from JobKiwi and they ask you for your account credentials, do not respond to the caller. Instead, contact us.
  • Never share your password. If you are concerned someone else might know your JobKiwi password, change it immediately or contact JobKiwi.
  • Avoid writing down your passwords, if at all possible. If you must write down any password, store it securely away from your computer.
  • We also encourage you to make sure that the AntiVirus programs on your computer are updated regularly.

JobKiwi is committed to protecting the data provided to us by our job seekers and increasing the security of our customer accounts. Not only will these efforts protect your account information, but they will prevent unauthorized users from accessing JobKiwi products and services associated with your account.

2.2  CV security

Posting your CV to JobKiwi is an important part of the job seeking process, and could help you to be headhunted for great roles. It's important you provide enough information on your CV for employers to contact you.

However, in order to ensure your security online, you should never include any of the following in your CV:

  • National Identification Number
  • Driving license number
  • Bank details
  • Credit card details
  • Passwords
  • Date of birth

NOTE: You should also never share the Personal Information listed above with a prospective employer until you are confident that the employer and employment opportunity is legitimate.

Posting Your Resume

Do you want employers to find your resume on JobKiwi? Are you currently employed and need to be more careful about who is able to see your posted resume? Not all job searches are alike, so JobKiwi allows flexibility in how you post your resume. Your resume options are described below:

Public Resumes

Choosing the public (searchable) resume option allows employers to find your resume during resume searches. Because employers may search for candidates before they post a job on JobKiwi, choosing the public option will give you the widest possible access to job opportunities. Public resumes are viewable by anyone except your contact information.

Private Resumes

Choosing the private (non-searchable) resume option will prevent employers from finding your resume on JobKiwi during resume searches. However, you can still search for jobs and apply online using your private resume.

3. General advice

It's always important to be mindful of your security and safety online. Look at our top 10 tips to staying safe online to make sure you are not putting yourself at risk.

  • If it looks too good to be true, it probably is. Be wary of offers for jobs paying a high salary for working from home.
  • Never provide personal details when looking for a job. There is no need for an employer to request your bank details before you have been through the interview process and been offered a role.
  • Never agree to process funds through your personal bank account on behalf of a company. Any legitimate company will have corporate accounts, so would never ask you to do this.
  • Never provide your personal details over a non-secure connection. If you are being asked to enter sign in details, look for the “https://” at the beginning of the website address.
  • Don't put Personal Information on your CV. Employers don't need to see your NI number on your CV.
  • Look out for bad spelling and grammar. Email scams often originate from outside the US or UK so may not contain perfect English.
  • Never provide your username and password in an email purporting to be from JobKiwi. We will never ask you to provide this information in an email.
  • Be wary of employers with no personal contact. It's very unlikely that an employer would offer you a job without a telephone and/or face to face interview.
  • Keep your password secure and up-to-date. Passwords should be changed at least once every three months.
  • If in doubt, report it. If you are suspicious about any contact you receive related to JobKiwi, contact us and our Customer Support Team will investigate.

4. What we are doing to protect you

We have partnered with several industry leaders to ensure you receive the most secure levels of service possible whilst using the site.

4.1 SSL encryption

To protect your Personal Information in specific areas of the site, JobKiwi uses industry standard SSL (Secure Sockets Layer) encryption to encrypt and secure your data. Whenever you enter a secure area of the site, you will notice the address in your web browser changes to begin with "https://". SSL certificates used on JobKiwi are provided and authenticated by AutoSSL.

5. Resources For Fraud Security

If you have any questions or concerns contact our Support Department.

 Contact Support

Join JobKiwi
and Apply Today!

Free Registration. Free Professional Resume. Free Advertising. Free Job Application.
Register