Money is tight for a lot of people right now. Rent climbing, groceries climbing, the paycheque doing neither. When the bank account thins out, the brain starts looking for help in places it would normally skip past, and the people who run scams know this better than anyone. They count on it. So before we get any further, let's talk about one of the doors they walk through most. Online job recruiting.
You probably will not catch the moment it starts. That is the whole design. The message arrives mid-morning on some forgettable Tuesday in February, the radiator clicking, your fourth coffee gone cold beside the laptop. WhatsApp. A name you do not know, friendly, a touch too friendly, asking if you have got a minute. They saw your profile somewhere. LinkedIn maybe. Indeed. The where does not matter because the next sentence is always the same one. There is an opening. The work is remote. The pay is fine. The hiring manager would love to set up a quick chat.
Twenty years back, this script ran shorter and dumber. Mail a money order for the training kit. Buy into a binder of work-from-home leads photocopied from some other binder. Cash a cheque, wire part of it down to Florida, and keep the difference as your finder's fee. The cons turned a profit but never scaled, limited by geography, by the cost of a postage stamp, by how many marks one operator could juggle on a single phone line. The 2010s moved the whole circus online without changing it much. Craigslist mystery-shopper ads. LinkedIn impostor recruiters. Paid-app-review piecework that mostly fizzled. Small money. Small reach. Small risk.
Then 2020 happened.
The pandemic moved hiring online almost overnight, and the people running these schemes paid attention. They watched the labour market soften. They watched real recruiters start cold-messaging strangers on LinkedIn because that is what real recruiters were doing now. They watched job boards fill up with remote postings nobody could verify by walking past a building. Companies began handing out company laptops to addresses they had never seen, onboarding people they would never meet, hiring at distances that used to terrify HR departments. Here is the irony at the centre of the whole story. The scam looks legitimate in 2026 because legitimate hiring now looks like the scam.
By the time anyone bothered to count, reported losses to job-and-employment-agency scams in the United States had climbed from about ninety million dollars in 2020 to one hundred and thirty-one million in 2021. Then one hundred and seventy-nine. Then two hundred and eighty-six. Then five hundred and one million for the full year of 2024, according to the Federal Trade Commission's Consumer Sentinel Network. Reports tripled across the same window. The Canadian Anti-Fraud Centre logged its single largest category increase in 2024 too, and the agency's own footnote pinned almost all of it on a thing they called task-driven scams.
Here is what task-driven means. But first, the older versions, because all three are still working in 2026.
Version One
The first version, the one that took off when remote work did, kept things simple. The fake recruiter would walk you through a couple of friendly text-only interviews. Sometimes a phone call. A polished offer letter would follow, complete with a corporate logo lifted off Google Images. Then the ask would come, framed as standard onboarding paperwork. Social insurance number. Driver's licence. Bank routing details. Direct deposit, you understand. Have to set up payroll before your first day. The con ended with the credentials harvested or the fee collected, and the recruiter ghosted before lunch. The tell, the one investigators kept circling back to, was the email address. Real corporate recruiters at established companies do not write to you from Gmail. If the address ends in gmail-dot-com when the company has its own domain, that is the entire warning you will ever get.
Version Two
Around 2022, the second version showed up, and it brought a budget. Federal investigators began noticing video interviews where the candidate's lip movement did not quite line up with the audio. The face would smile a half-second behind the voice. Eye contact would slip during a complicated answer, the way an autopilot loses a lane. These were deepfakes. A face mapped over a real webcam feed in real time, run by someone reading from a script in a different country. The targets were almost always remote tech jobs, the kind where you would never meet a coworker in the flesh, the kind where the company would courier a laptop to your apartment and trust you to get on with it. The motive ran in two directions. Some impostors wanted access to corporate systems for theft. Others just wanted the salary, which they would skim and route back through bank accounts in jurisdictions that do not take North American subpoenas seriously.
The newer wrinkle is artificial intelligence as a scaling tool. The deepfake video is the visible part. Underneath, voice cloning has reached the point where a short audio sample is enough to produce convincing phone-call audio. Profile photos of recruiters are now generated from scratch by image models, faces that have never existed on a real person, scrubbed clean of the reverse-image-search problem that used to give the early scammers away. Cold messages translate themselves between Mandarin and English without the broken-English tells of older cons. Large language models run the chat side of the operation, letting one operator manage many conversations at once, where they used to manage a handful. The United Nations Office on Drugs and Crime documented a more-than-six-fold increase in deepfake mentions tied to Southeast Asian criminal groups in the first half of 2024 alone.
Version Three
The third version, the one driving most of the dollar losses now, is the one that should worry you most. It does not look like a scam at all. It looks like a part-time gig.
A stranger texts you. WhatsApp sometimes. Telegram. Plain old SMS. They have got piecework, they say. Liking videos. Rating products. Boosting an app store listing for some company that needs activity to climb the rankings. The pay is small, but the work is small, and you get a little dashboard on a website or in an app showing your earnings tick up in real time. Day one, they actually pay you. Twenty bucks, fifty, something just real enough to anchor the thing in your head as a job and not a swindle. Day three, you have completed a few sets of tasks. The system tells you you have levelled up. To unlock the next tier, the dashboard explains in cheerful sans-serif that you need to top up your account with a small deposit. Crypto, of course. The pay is bigger on the next tier. The deposit is refundable. You can see your balance growing. You make the deposit.
Why Crypto
Why crypto. Because crypto cannot be unsent. Once a bitcoin transaction confirms on the blockchain, no bank can reverse it, no chargeback can be filed, no fraud department can claw it back. Cards, e-transfers, wire transfers, all of those leave windows of recovery. Crypto closes the window the moment the deposit clears.
The deposit is gone the second it leaves your wallet. The balance you can see in the app is theatre, just numbers in a database the scammers control. The next set of tasks will require another deposit. The set after that, another one. The math the dashboard shows you will always tell you that you are forty bucks shy of the cash-out threshold.
The Federal Trade Commission's December 2024 data spotlight identified zero of these scams in 2020. By the first half of 2024, there were roughly twenty thousand of them reported, against five thousand for all of 2023. They accounted for thirty-eight point eight percent of every job-scam complaint filed in those six months. Cryptocurrency losses to job scams nearly doubled in a single six-month window against the entire previous year, and annualized the rate was closer to a quadrupling. People over the age of sixty reported job-scam losses of about thirty-three million dollars in 2024 alone, a roughly threefold jump from the year before, almost all of it tied to task work. The Canadian numbers tell the same story in a smaller currency. The Canadian Anti-Fraud Centre has said publicly, more than once, that it only hears from somewhere between five and ten per cent of victims. Multiply accordingly. The real bill is much worse than the printed one.
Where the Money Goes
Where the money goes after it leaves you is no longer a mystery. United States Department of the Treasury sanctions filings and United Nations Office on Drugs and Crime reports have spent the past two years mapping the back end. The bulk of these operations, particularly the task-scam variant, are run out of compounds in Cambodia, Myanmar, and Laos. Crypto is the rail. The rail crosses borders that do not honour subpoenas. The U.S. Treasury Department's official estimate is that Americans lost at least ten billion dollars to Southeast Asia-based scam operations in 2024 alone, up sixty-six percent over the year before. Canadian victim recovery, in dollars actually returned, sits at near-zero for any case where the funds left the country in cryptocurrency.
There is a darker corner of this story you should know about, even if you would never personally see it. The compounds running these scams are staffed in part by trafficked workers who answered job ads of their own. The ad promised data entry. Customer service. A logistics coordinator role somewhere in Southeast Asia. The flight was paid for. The contract looked real. They arrived to find their passports confiscated and themselves sitting at a cubicle, hitting quotas on a script, with armed guards posted outside the building. Canadians have been found in these compounds. Global Affairs Canada has issued travel advisories on the region. If you suspect someone you know has gone non-responsive after a job offer in Southeast Asia, Global Affairs Canada's Emergency Watch and Response Centre runs twenty-four hours a day at 1-613-996-8885, and that is the first call to make. If you see an overseas job ad that pays unusually well for general office work in a country you have never been to, treat that ad with the same suspicion as the task-scam text message. The mechanism is the same. Different end of the operation.
How to Stay Out of It
All three versions of the scam still work in 2026. The first version still works because companies still hire over email. The second version still works because companies still hire by video. The third version works because very little about the underlying psychology has changed. People want flexible work. People want to believe a small deposit will release a larger payout. People want the dashboard to be telling the truth. The infrastructure has improved on the criminal side. The defences have improved on the platform side, with LinkedIn alone reporting tens of millions of fake accounts removed every six months. Dollar losses keep climbing anyway.
So how do you keep yourself out of this.
Watch the front door first. A real recruiter at an established company writes to you from a corporate email domain. If the address ends in a personal-mail provider when the company has its own domain, walk away. A real interview happens on a verifiable platform. Zoom links from a corporate calendar invite. Microsoft Teams. Google Meet through the company's own tenant. Real recruiters do not conduct entire hiring processes by Signal, WhatsApp, or text message. If yours does, that is your warning.
Watch what they ask for and when. No legitimate Canadian or American employer asks for your social insurance number, social security number, driver's licence number, or banking details before you have signed an offer. None. The phoney onboarding portal is one of the older variations of this con and it still works because the request feels mundane. Slow down. Phone the company through a number you found independently, not one the recruiter gave you. Walk the question up the corporate ladder until you hear from a human whose voice you can verify against a real org chart.
Watch what they ask you to do. If a job involves receiving money in your bank account and forwarding part of it elsewhere, the job is money laundering and you are the mule. The legal exposure is not theoretical. In the United States, federal mule charges include mail fraud, wire fraud, bank fraud, and money laundering, with prison sentences as long as thirty years. In Canada, money laundering under section 462.31 of the Criminal Code carries up to ten years on indictment. RCMP enforcement on student-mule networks, including Project OCTAVIA in 2020, has flagged immigration-status consequences for international students drawn into these schemes. If a job involves accepting packages at your home address and reshipping them overseas, the goods were bought with a stolen credit card and you are a fence. If a job involves cashing a cheque and wiring some of the proceeds, the cheque will bounce, often weeks after the wire clears, and your bank will come for the money.
If a job involves liking videos, rating products, optimizing listings, or completing repetitive tasks in an app for piece-rate pay, treat it like an open flame. The whole structure exists to walk you, sixty cents at a time, toward a deposit you will never get back. There is no honest version of this work. None. The pay you can see on the dashboard is not real money until it lands in a bank account, and it will not land in a bank account.
Newcomers to Canada need a separate warning. Job-and-visa scams target permanent-residency applicants with offers that promise to fast-track immigration paperwork in exchange for a fee, or that promise a job offer engineered to satisfy Express Entry requirements. Immigration, Refugees and Citizenship Canada is unambiguous. No one can guarantee you a job or a visa to Canada. No registered immigration consultant will demand payment by wire transfer, prepaid card, or cryptocurrency. Verify any consultant through the College of Immigration and Citizenship Consultants register before you hand over a dollar. International students, post-secondary students more broadly, and people who arrived in Canada in the past five years carry the highest documented exposure on the Canadian risk indexes that track this category.
If You Are Hiring
If you are doing the hiring rather than the looking, you carry your own version of this risk. The same infrastructure that runs candidate-side scams runs hiring-side ones, where the person you are about to put on payroll is not who their resume says they are. Insist on live video on a verifiable corporate platform, not a phone call and not a chat thread. Match identity documents against the payroll details the candidate submits later, including the bank where the direct deposit lands. Cross-check the address you are shipping the laptop to against the candidate's stated location, and treat any request to reroute the device after onboarding as a serious red flag. The federal advisories on this category exist for good reason. Read them.
If You Have Already Been Hit
If you have already realized something went wrong, the first twenty-four hours matter most. Stop sending money immediately, no matter what the dashboard tells you, no matter what the supervisor promises about unlocking your balance if you just complete one more deposit. Call your bank's fraud line and tell them what happened. If a cheque was deposited and funds wired out, the bank may be able to flag the receiving institution before the wire clears its second leg. Screenshot every conversation thread before the scammer's accounts go dark, which they will, often within hours of the victim catching on. Save the WhatsApp number, the website URL, the wallet address you sent crypto to, the names used by the recruiter and the supposed manager. Investigators need that data even when they cannot recover your money, because aggregating it across thousands of reports is how the platforms get shut down.
Then report what you saw. In Canada, the Canadian Anti-Fraud Centre takes reports at reportcyberandfraud.canada.ca or 1-888-495-8501, and your local police should be told if any money actually moved. In the United States, the FTC takes reports at ReportFraud.ftc.gov and the FBI takes them at IC3.gov. If you handed over a social insurance number, call Service Canada at 1-866-274-6627 immediately. Service Canada will also tell you, plainly, that requesting a new SIN does not erase the old one and may increase your fraud exposure rather than reduce it.
If you sent crypto, accept that recovery is unlikely. Then expect a second attempt on you within weeks. The FBI issued a public advisory in August 2025 warning that fictitious law firms and recovery services prey on crypto-scam victims a second time, charging fees up front to recover funds they cannot recover. Treat any unsolicited offer to help you get your money back as the next scam.
The Canadian Gap
There is one structural gap Canadian readers should know about. In the United States, victims of identity theft can place a security freeze on their credit file at all three bureaus for free. In Canada, security freezes are available only in Quebec, which legislated the right under the Credit Assessment Agents Act in February 2023. Everywhere else in the country, the strongest available consumer tool is a fraud alert, which prompts lenders to verify identity before opening new credit but does not actually block access to the file. Equifax Canada at 1-800-465-7166 and TransUnion Canada at 1-800-663-9980 both offer free fraud alerts that last six years. If you live in a province other than Quebec and you have just had your SIN compromised, this is the gap you are working with.
Plan around it.
None of this is going away. The labour market in 2026 is still soft enough, the appetite for remote work is still strong enough, the infrastructure is too cheap and the enforcement too slow. The cons that worked in 2020 still work. The cons that work in 2026 are running on top of them.
The next version, whatever it looks like, is being tested somewhere right now, on someone exactly like you, on a Tuesday morning, with the radiator clicking and a fresh coffee going cold beside the laptop.