“You want me to give you what?”

RodtaylorRodtaylor SSCP, CAPM, SSGB, Project+,Member Posts: 1 ■■□□□□□□□□
Hello all, 

Is it me, or are more recruiters asking for PII such as last 4 of your SSN? I am in the market trying to land an IT role and this question has come up twice now by two different recruiters. When asked, I immediately think that the person is illegitimate. It may just be that I’m overly concerned for no reason. Please weigh in with some of your thoughts.

Comments

  • cyberguyprcyberguypr Senior Member Mod Posts: 6,909 Mod
    I have heard of this. There's absolutely ZERO reason to provide this unless an offer is made and they are onboarding you. Stay firm and send them to go pound sand.
  • securitychopssecuritychops OSCE, OSCP, CISSP, Pentest+, Security+, SLAE, SLAE64 Member Posts: 52 ■■■□□□□□□□
    That definitely feels kinda sketchy to me as well ...
    Current Certs   : OSCE, OSCP, CISSP, Pentest+, Security+, SLAE, SLAE64
    Goals for 2019 : OSEE
    Goals for 2020 : OSWE
  • mikey88mikey88 CISSP, CySA+, Security+, Network+ and others Member Posts: 494 ■■■■■■□□□□
    There are instances in the DoD world where a recruiter needs to verify your clearance. I agree with Cyberguy that if a legitimate case is not made, then decline.
    Certs: CISSP, CySA+, Security+, Network+ and others | 2019 Goals: Cloud Sec/Scripting/Linux

  • EANxEANx Member Posts: 1,078 ■■■■■■■■□□
    When I encounter this elsewhere, like a doctor's office, I simply don't give the information. It's rare that it's mentioned but when they do, I ask what they need it for and how they'll protect it. There are certainly instances where an employer or recruiter may legitimately need it so don't be defensive but anyone who comes out and asks for it to verify your ability to work in the country should be met with "I'm happy to fill out the Federal I9 form at the appropriate time."
  • rtaylor1174rtaylor1174 Registered Users Posts: 9 ■■■□□□□□□□
    edited March 2019
    Awesome advice! Thanks
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,894 Admin
    Many years ago I was applying for a programming job at a big-name InfoSec company in SoCal. On the top-right of the (paper) application form was a space for the applicant's SSN. I was stunned that a job app would ask for such PII and I left it blank. After the interview, I realize that it might have been a test to weed-out the non-security-minded applicants.
Sign In or Register to comment.