Security Update: Staying Informed and Protected Against Fraudulent Job Postings

A message from Chad Kalmes, Udemy’s Chief Information Security Officer:

At Udemy, we prioritize the security and well-being of our community. As part of this, we want to call attention to a threat that’s putting job seekers at risk so we can collectively put a stop to suspicious activity. 

The Udemy Security team has discovered targeted, fraudulent job postings that falsely claim to be associated with Udemy, coming from individuals using the domain name ‘@udemyplacement.com.’ These deceptive posts aim to exploit individuals by requesting sensitive personal information and may lead to potential security risks. 

Unfortunately, scams like these are not uncommon. According to the U.S. Federal Trade Commission, fake job postings accounted for roughly 105,000 scams in 2023, and they are now seen as one of the fastest-growing types of scams as job seekers face an uncertain market. The FBI has recorded around 15,000 victims of fraudulent employment opportunities, who have collectively lost more than $52 million to these scams. 

We’re committed to stopping these fraudsters in their tracks and want to arm you with knowledge so you, too, can spot these scams before they inflict significant damage. 

Verified Udemy Job Postings and Warning Signs of Fraud

All legitimate job opportunities at Udemy are posted on our official careers page: https://about.udemy.com/careers/. Any communication regarding job opportunities will come from official company email addresses ending in @udemy.com.

The warning signs of a fraudulent Udemy job posting include:

  • Unsolicited job offers or postings on third-party websites that are not linked from our official page at https://about.udemy.com/careers/.
  • Requests for personal information (such as Social Security numbers and bank details) early in the recruitment process. Udemy won’t ask for anything sensitive, outside of basic contact information, until you’ve actually been hired and are being onboarded.
  • Poor grammar or spelling mistakes in the job description or emails.
  • Pressure to make quick decisions or immediate responses.

Security Best Practices

  • Verify the Source: Always cross-check job postings on our official careers page at https://about.udemy.com/careers/ before responding.
  • Protect Your Information: Never share personal, financial, or sensitive information over email or phone unless you are certain of the recipient’s identity and legitimacy. Udemy won’t ask for anything sensitive, outside of basic contact information, until you’ve actually been hired and are being onboarded.
  • Be Skeptical of Unsolicited Offers: If a job offer sounds too good to be true or comes unexpectedly, it likely warrants further scrutiny.
  • Use Strong, Unique Passwords: Protect all of your online accounts by using strong, unique passwords and enabling two-factor authentication wherever possible.

Steps We Are Taking

Udemy’s dedicated security team is monitoring the situation closely to ensure the safety of our community. In fact, the team is actively working with relevant domain registrars to address these fraudulent activities. 

Your Vigilance Matters

Your awareness and vigilance play a crucial role in preventing and mitigating the impact of these fraudulent activities. By following the best practices outlined, you can help protect yourself and others from potential scams.

Together, let’s create a safer online environment for everyone.