April 29, 2026
Hiring Scam Detection as Adversarial Economics
A simple monotonic metric for detecting extraction in hiring, plus a copy-paste ChatGPT rescue flow for low-energy situations.
Hiring Scam Detection as Adversarial Economics
A fast protection rule for people who may already be under pressure
Most hiring scam advice is too slow.
It assumes the target is calm, analytical, well-rested, and willing to read a full article before acting. That is often false. People usually start looking for help when they are already depleted, rushed, hopeful, embarrassed, financially stressed, or halfway inside a process that feels wrong.
So the first requirement is not elegance. It is immediate usefulness.
If you do not have the energy to read the full article, do this right now:
- Copy the prompt below.
- Paste it into ChatGPT.
- Paste the full hiring conversation, job post, emails, Telegram chat, links, and files list.
- Follow the instructions ChatGPT gives you.
- Until the check is complete, do not run code, install software, log in through personal accounts, connect a wallet, or send documents.
Use this prompt:
I may be in a risky hiring process. Act as a strict security-focused hiring scam analyst.
Your job is not to be polite. Your job is to protect me while I may be low-energy, rushed, hopeful, or vulnerable.
Analyze this as an adversarial-economics problem, not just a tone or red-flags problem.
Apply Decoration Cost Asymmetry Test:
1. What resource is the counterparty asking from me?
2. What is the true cost/risk of that resource to me?
3. What verified artifacts have they provided to prove they are real?
4. Are those artifacts cheap to fake and easy to scale?
5. What higher-cost verification could a real employer provide with little effort?
6. Are they trying to extract valuable trust, access, documents, code execution, unpaid work, or identity before providing meaningful verification?
7. Is this merely suspicious, or operationally hostile?
Classify the situation as one of:
- Safe enough to continue
- Needs verification before any further action
- High-risk
- Hostile / scam by operational assumption
Then give me:
- a short explanation in plain language
- a list of the exact danger points
- the next 3 safest actions
- a reply message I can send immediately
- a strict do-not-do list for the next 24 hours
Assume:
- salary is not proof
- politeness is not proof
- a polished website is not proof
- Telegram is not proof
- a repo is not proof
- a test task is not proof
Default to protecting me from asymmetric harm.
And if you need a reply message immediately, send this:
Before I continue, please send the verification package:
1. official company role URL
2. email from your company domain
3. your LinkedIn profile
4. calendar invite from the company domain
5. legal entity or contract format for this engagement
After that I can review the process. I do not run code, install software, share documents, or authorize through personal accounts before company-side verification.
That alone will save some people from real damage.
The Core Idea
The cleanest rule I know is this:
A hiring process becomes dangerous when the other side asks for a high-cost resource from the candidate while proving their own legitimacy only through cheap, scalable theater.
This is stronger than ordinary red-flag lists because it looks at the economics of the interaction, not the surface style.
The question is not:
Do they look suspicious?
The question is:
Are they asking me to spend something expensive while they spend almost nothing to prove they are real?
That is the actual asymmetry.
The Metric
Call it the Decoration Cost Asymmetry Test.
You can model it very simply:
S = (U + R) / D
Where:
U= the value of the resource they want from youR= the risk attached to giving itD= the real cost of the verification they have provided on their side
The higher S gets, the more dangerous the process becomes.
This is useful because it produces a roughly monotonic metric. As the other side asks for more valuable trust, more access, more identity, more unpaid work, or more technical execution without increasing the cost of their own proof, the score rises in the direction that matters.
That is better than vague intuition.
What Counts as a Candidate Resource
Candidates often underestimate what is being extracted from them.
The resource is not only money.
It can include:
- time;
- attention;
- hope;
- emotional bandwidth;
- private contact data;
- documents;
- tax or banking identity;
- GitHub or Google account access;
- local code execution;
- app installation;
- wallet connection;
- unpaid labor;
- opportunity cost;
- the nervous-system cost of uncertainty and pressure.
This matters because many harmful hiring funnels do not aim for immediate theft in the crude sense. They extract energy, access, or obedience first.
And energy loss is not a fake loss just because it is harder to put on an invoice.
What Counts as Cheap Theater
Many things look professional while remaining extremely cheap for an attacker:
- Telegram outreach;
- a polished PDF;
- a copied job description;
- a fresh LinkedIn profile;
- a nice-looking website;
- a recruiter avatar;
- urgency;
- impressive salary numbers;
- a repo;
- a test task;
- a claim that "this is our standard process."
These are decorations, not proof.
Good proof has a different property:
It is cheap for a legitimate employer to provide and expensive for a scammer to fake reliably at scale.
That is the asymmetry you want to reverse.
Examples of stronger proof:
- an email from the company domain;
- the official role URL on the company site;
- a recruiter profile with real history;
- a calendar invite from the company domain;
- a video call consistent with the claimed identity;
- a contract or SOW flow;
- a paid test instead of unpaid extraction;
- a legal entity that survives verification.
Why This Is Better Than Ordinary Red Flags
Most red-flag systems are binary and brittle. They lead people to ask:
- "Is this definitely a scam?"
- "Can I prove malicious intent?"
- "Maybe they are just disorganized?"
That frame is weak.
The better frame is operational:
How expensive is my next move, and how much has the other side spent to justify asking for it?
Once you think that way, a monotonic metric appears naturally.
As candidate-side cost rises, employer-side verification must rise too.
If it does not, the process becomes less safe, regardless of whether the counterparty is a criminal, an incompetent operator, a chaotic founder, or a merely exploitative employer.
That is the real power of this method.
The Suspicious Interval Is Real
This point matters.
There is a suspicious range where the counterparty may not be a textbook scammer and may not even consciously understand themselves as destructive. But the relationship is still observably unsafe and may deserve immediate review or exit.
This interval is not about classification difficulty.
It is not just:
"We do not yet know whether this is scam or not."
It is:
"We already see a pattern of asymmetric extraction that can seriously damage the candidate even if the other side calls it normal business."
That is why suspicious employers often cluster near scammers on the same metric.
Not by accident.
The boundary between abusive business relations, dishonest asymmetry, and outright scam is often thinner than people want to admit.
The differences are real, but they are not comforting:
- the scammer usually knows the loss is the point;
- the suspicious employer may describe the process as normal or justified;
- the scammer often produces obvious loss quickly;
- the suspicious employer may produce slower losses in the form of energy depletion, confusion, unpaid labor, dependency, demoralization, or normalization of self-betrayal.
The long-term effects can be disturbingly similar.
People lose time, confidence, focus, safety margin, and the ability to evaluate the next opportunity clearly.
So if an employer sits inside that suspicious interval, the conclusion should not be:
"Probably fine, just hard to classify."
It should be:
"Something materially harmful may already be happening here."
A Practical Scorecard
If you want a blunt operational score, use this:
| Signal | Points |
|---|---|
| Messenger-first contact with no official email | +2 |
| No corporate domain email | +3 |
| No official role URL | +3 |
| Company identity is hard to verify | +3 |
| Heavy urgency or pressure | +3 |
| Requests CV or personal data before verification | +1 |
| Requests passport, tax, bank, or KYC data early | +8 |
| Requests repo execution or local command running | +10 |
| Requests app, APK, extension, or desktop install | +10 |
| Requests login through personal GitHub or Google | +10 |
| Requests wallet connection or crypto action | +10 |
| Refuses video, domain email, or company proof | +5 |
| Requests unpaid work before serious verification | +5 |
| Provides verified domain email | -3 |
| Provides official company role page | -3 |
| Provides recruiter profile with real history | -2 |
| Provides normal video call | -2 |
| Provides contract or paid test flow | -5 |
Interpret it like this:
0-3: low concern, continue carefully4-8: verification required before any costly action9-15: high-risk, do not provide more resources16+: hostile by operational assumption
This is not a legal verdict. It is a safety instrument.
The Most Important Design Principle
A good verification challenge should be:
- almost free for a legitimate employer;
- annoying, expensive, or fragile for a scammer;
- simple enough to use while the candidate is tired.
That is why the rescue flow matters.
A depleted person does not need a theory lecture first. They need a small action that changes the game immediately.
The LLM prompt does exactly that.
It places a second mind next to the user at the moment when the user is most likely to be pressured, isolated, flattered, rushed, or ashamed of seeming "paranoid."
No, that does not solve the whole problem.
But it can radically improve the situation in the moment, which is often the only window that matters.
The Minimal Protocol
If you want the short version to remember:
- Do not spend expensive trust against cheap theater.
- Before any costly action, demand higher-cost proof from the other side.
- If they resist simple verification, treat the process as hostile until proven otherwise.
- If you are tired, outsource first-pass judgment to ChatGPT using the prompt above.
- Protect energy as a real asset, not as an invisible one.
The One-Liner
The whole article can be compressed to this:
Hiring scam detection means finding where they demand expensive candidate trust while spending only cheap attacker theater.
And the next step can be compressed even further:
If you feel weakened, do not decide alone. Paste the conversation into ChatGPT, force an adversarial review, and raise the verification cost immediately.