Employment scams jumped from $90M to $501M in 2020-2024, fueled by AI-perfect recruiters

Mary Ann Morrison did everything “responsible adults” are supposed to do. After applying for a role at the University of Arkansas in Little Rock, she received an email inviting her to set up an interview, with a Microsoft Teams meeting link that looked professional. Then she did the one thing scammers can’t tolerate: she checked. The link claimed she needed to update Teams, but her Teams app showed no such update. When she scrutinized the sender and compared it to the university directory and HR email domains, the recruiter did not exist and the email addresses did not match.

Morrison reported the scam to the university, which said it would warn others. Her story is a preview of the bigger problem Fortune highlights: employment scams are not just more common. They are more convincing, more persistent, and they are costing Americans real money at industrial scale. Between 2020 and 2024, losses from employment scams grew from $90 million to $501 million, after reports to the Better Business Bureau nearly doubled last year compared with the year before, and nearly 50,000 people reported falling victim in just the past three years.

So what’s changed? The short answer is AI. Roger Grimes, a chief information security officer advisor at KnowBe4, describes a shift from low-effort “obvious scam” emails toward fraud that behaves like legitimate recruiting. AI can improve grammar, make messages feel less “generic,” and reduce language barriers. It also changes how attackers operate: scams can now be tailored to signals from your online activity and executed with less human effort.

That matters because the classic red flags are getting weaker. Grimes says scammers often target job seekers with a “perfect dream job,” offering high salaries, remote work, and benefits like child and elder care. Some post jobs directly on platforms like Indeed or LinkedIn. The pitch often comes with urgency. Scammers may push you to click links that download malware, or they may ask for money upfront by claiming it is for background checks, with reimbursement promised later. The mechanics vary, but the incentive stays consistent: get payment from the victim, or route the victim’s attention to the victim’s employer.

Vanessa Goodman’s experience shows how quickly the scam escalates once they have a resume. After she put the hashtag “open to work” in a LinkedIn post, fake recruiters claiming to work at Microsoft and the cybersecurity firm Palo Alto Networks started reaching her inbox. They sent connection requests, then emailed her about open positions at those companies. After she sent her resume, the fake recruiters sent an offer letter and began requesting “separate supporting documents” needed before an interview. The timeline and turnaround pressure were part of the playbook.

Then came the payment pivot. The documents were to be prepared using a third party that would charge $800. Goodman said the scammer told her she would be reimbursed later. She received a link through PayPal to pay for the documents, but the name didn’t match the person she was corresponding with. She was then told to send payment through Remitly and Upwork, but the accounts were not working, with the scammer claiming a “network outage.” Goodman suspected she was blocked because payment services recognized the scam. Regardless, the pressure did what it’s designed to do: once payment rails fail, scammers try to make time itself the leverage. Goodman described “the sense of urgency” as “you need to pay me by x time.” Even after she blocked the fake recruiters on payment apps, Teams, and email, they called three times late at night using the number she provided on her resume, and she said she had to uninstall the WhatsApp app to stop the fallout. The operational point for decision-makers is not just that fraud happens. It’s that it persists across multiple channels.

There is also a geographic and infrastructure reality behind why this is so hard to stop. Grimes said scammers are usually based outside the U.S. because it is difficult to track cyber crimes across international borders. He also lists Russia, Ukraine, and India as top cybersecurity hubs. That international spread limits enforcement reach and slows down the feedback loop between victims, fraud platforms, and regulators.

AI is making the technical side easier and the detection side harder. Grimes says more than 80% of phishing attempts use AI. He adds that AI-enabled scams were 4.5 times more profitable than traditional scams, citing blockchain firm Chainalysis. He also points out a generational shift in how people think about “hacking.” New graduates may no longer imagine an attacker in a hoodie. They may assume “the hacker” is simply an AI bot that auto-generates believable messages and “did all the hacking.” That mindset can make the threat feel less personal, even though it is.

There are, however, specific defensive moves that Grimes recommends, and they translate cleanly into the way companies should train employees and secure processes. First: when you receive recruiting messages, reach out through official emails or phone numbers listed on the company’s website. Second: verify the recruiter’s profile, because new accounts and few followers are red flags. Third: treat upfront fees, requests to download software, and document-download tactics as warning signs, especially when a job offer comes with short turnaround and promises that feel “too good.” Fourth: “when in doubt, chicken out,” Grimes advised, and contact the brand through known channels.

For boards and executives, the second-order implication is that this is no longer only a consumer problem. It is a human and identity problem that targets workflow and talent pipelines. If scammers can trick individuals into moving money, clicking links, or routing communications through spoofed channels, then recruiters, IT, and security teams need a shared playbook. Grimes’s advice on training is blunt: “You need AI to beat AI,” because human beings aren’t always perfect at detecting scams, and you must “secure the humans” and also “secure the agents the humans are using.” For decision-makers, that means treating scam detection like a control environment, not a personal responsibility exercise. The more convincingly AI can mimic legitimate recruiting, the more your organization’s training, verification, and reporting paths become part of your cybersecurity posture.

The ultimate stake is talent and trust. When job scams spread with AI-grade realism, the cost shows up twice. There is the direct loss and the psychological toll for victims like Morrison and Goodman. Then there is the drag on labor markets and employers, as fraud attempts increasingly try to reach companies through their candidates. In a competitive hiring cycle, even small frictions caused by scam calls and blocked apps can distort applicant behavior. Meanwhile, the measurable losses from 2020 to 2024 suggest the problem is not a temporary glitch. It is a durable business model, now turbocharged by AI.