Andre's Blog
Perfection is when there is nothing left to take away
Is it phishing? No, just RIM sending their recruitment mail...

A couple of days ago I got an email from Human Resources. No company name. The subject suggested phishing - RIM: Important information about your application at Research in Motion. I looked at the SMTP source before opening the message and saw the usual phishing email - your account has been updated, please go ahead and reset the password, etc, etc.

The return address was, which is not RIM's domain name and further confirmed the nature of this email. The email addressed me by name and provided a link to to reset the password. Temporary numeric user name and password were provided and there was a base64-encoded HTML file named current_email_in_html.html. A text-book phishing email.

So, I decided to contact RIM and notify them that there's phishing going under their name. Boy, was I surprised - the careers section of their website linked to So, RIM does indeed outsource recruitment to Taleo and it was a legitimate email from RIM!

You would think that in this day and age a company like RIM whose specialty is communication and email would pay attention to security of their communication with potential employees, but no, that's certainly not the case. Apparently, somebody at RIM didn't bother verifying what their outsorcing company is doing and somebody at Taleo just doesn't have a clue about what they are doing.

Posted Wed Apr 16 20:35:56 EDT 2008 by Eradj

HR folks barely know what technology really means. I am sure, if someone from management level found out what was going it would get the proper attention. At the end of the day it is the image of the company at stake.

Posted Mon Nov 30 20:31:01 EST 2009 by Rim Finder

Still the same 1 year later,


Received: from (LHLO
( by with LMTP; Wed, 11 Nov 2009
00:46:45 +0100 (CET)
Received: from ( [])
by (Postfix) with ESMTP id BEED720140
for <>; Wed, 11 Nov 2009 00:46:44 +0100 (CET)
Received: from ([])
by (MXproxy) for ;
Wed, 11 Nov 2009 00:46:45 +0100 (CET)
X-ProXaD-SC: state=HAM score=50
Received: from nyprap86 (localhost.localdomain [])
by (Postfix) with ESMTP id 07F0118042
for <>; Tue, 10 Nov 2009 18:46:44 -0500 (EST)
From: RIM Organizational Development <>
Message-ID: <5449888.163001257896804031.JavaMail.rcc@>
Subject: Thank you for your application for Associate, BlackBerry Customer
Technical Support (E-Support) - 0903218
MIME-Version: 1.0
Content-Type: multipart/mixed;
X-Priority: 3
X-MSMail-Priority: Normal
Importance: normal
Date: Tue, 10 Nov 2009 18:46:44 -0500 (EST)

Posted Tue Jun 29 05:35:51 EDT 2010 by Katharine

So weird.  I just received one this morning from a major pharmaceutical company that I would love to work for.  The return address was From: Human Resources (hr-<major-pharma>

It contained the exciting news that "The Consumer Affairs Intake Coordinator, Mentor position (9542100617) at <company I never heard of> recently opened"

Huh?  Who's <company I never heard of>?.  This smelled phishier and phishier.

It does link back to Taleo, so maybe this is just a really unnerving user interface.  I'm going to take your posting under advisement and pursue the position.


Posted Tue Jun 29 06:54:10 EDT 2010 by Katharine

Too bad.  Emboldened by your posting, I checked out the job itself.  It would have been a great fit for me--if it weren't all the way across the continent.

Besides the user interface, I guess Taleo needs to improve its geographic search functions...

Posted Wed Jun 30 17:13:44 EDT 2010 by Andre

Thanks for the update. I find it amazing that two years later Taleo works the same way!

Hope it works out for you :)

Posted Thu Aug 26 11:18:45 EDT 2010 by Aleksandra

I have just received an email from the HR dep't of Deloitte with the address: and it went straight to the spam box. Very weird that such a company usues such a domain. can someone explain how it works.Thanks:)

Posted Sat May 14 00:18:44 EDT 2011 by ATM

i got one too .... this time from "" telling me that they are considering my profile and their HR would contact me back if something suitable comes up. I am really confused ... is this SPAM or is this for real ?

Posted Wed May 18 08:38:38 EDT 2011 by Andre

If it links back to some subdomain at, then it's most likely a legitimate email sent by Taleo on JP's behalf. If there are other links, you need to be careful.

Posted Sun Sep 11 19:47:01 EDT 2011 by Master Moose

I am a Systems adminstrator for a large business.

Companies do not oursource their recuritment to to Taleo, They use the Taleo suite of recruitment tools.

The @invalid email is what taleo sets as defaults for correspondence - The only reason you are receiving these messages is that my equivallent at RIM and these other companies did not change this did not want to change these.

Posted Thu Jan 19 21:20:21 EST 2012 by Judy

If they want me to open their email, they'll have to do better than that!

Posted Sat Jul 13 14:19:37 EDT 2013 by J
Invalid email means they don't want a reply. They just want a one way street communication.
Posted Thu May 1 20:24:58 EDT 2014 by B

 I received an similar to this. My IT dept deliberately sends phishing-email to it's employees to test company phishing attempts. I would forward any email similar to this to your IT department.   

Posted Sat Jan 24 06:13:46 EST 2015 by Mr T

Got a same mail from Barclays, domain

Posted Thu Apr 9 10:36:17 EDT 2015 by Eljae

I received an email with the same address from a taleo (tfl recruitment). The message is not bogus it appears as in my taleo account there is indeed the same message.

Posted Thu Jun 11 13:33:41 EDT 2015 by K

 I received a congratulations email with "Recruitment Services <>" as the from email address. That's just the address that's shown. Otherwise, individual or group HR mailboxes would be inundated by applicants.

Posted Wed Jul 8 19:52:47 EDT 2015 by Z

The is commonly used when sending emails from the Taleo system.  If the company's domain name was listed as the from email, but the email was sent from Taleo servers, your email would most likely consider it to be spam because it is coming from a Taleo server with another company's domain.  That would be spam and phishing.  @invalidemail is registered as a valid email from the IP addresses of Taleo servers.

Certainly verify the information before entering any private data, but you should be expecting emails from them if you have applied to jobs with them.




Posted Sun Feb 28 09:26:56 EST 2016 by JPS

 But still confused. Why they should use invalid ; even the one stright communication? why not using their own web it self..?

Posted Thu Jan 11 15:06:54 EST 2018 by asd

 Taleo needs to be re-investigated based on the information that came to light about how the actual computing chips of Intel et al could be misdirected.  If you are getting a reply from "someone" in HR from a big pharma or a big bank (Morgan, Barclay, etc.) HR department, your name is on a list that an algorithm runs - no one in HR looked at your resume, or ever will, and the reason for that is economic - all the equity you have built up over your years of working will disappear, never to return - now go sign up for Uber or Lyft...

Posted Wed Oct 17 09:35:46 EDT 2018 by Nitish

I too received the mail for barclays from this domain. But instead of clicking on any links, i went to barclays taleo and manually searched for that job id and applied. 

Posted Tue Oct 23 16:39:22 EDT 2018 by Just like WoW

I just got an email from a major mining company that I wanted to work for an put in an application.  Got a phishy ass reply.  Same shit, Taleo.  I can't believe these multi billion dollar companies rely on this crap.


from: Human Resources




Posted Sun Dec 9 12:15:50 EST 2018 by RR

Got a same mail from Fujitsu, domain

Posted Wed Feb 6 18:04:30 EST 2019 by Anonymous

Still happening in 2019.  Good god.

As part of our hiring process, we require all candidates to complete an Employment Application and eSignature. Please log into the system using the links below as soon as possible to complete the same.
Please click here (link remoto access your user profile.  If you have not yet registered, you may do so by entering the username provided below.
If you have not yet registered, or you have forgotten your password, please click on the "Forgot Password" link and enter your email ID when prompted.
We thank you for your interest in Capgemini.

Best Regards,
Capgemini Recruiting

You may refer to our Privacy Policy available at capgemini website that I removed to try to submit this post...

Replies to this message are undeliverable and will not reach the Human Resources Department. Please do not reply.


Posted Sun Mar 1 09:14:50 EST 2020 by Go Cubs GO

 I received an email two days ago to complete an application from an email address:


This is 2020 and this shocking.
Posted Tue May 12 10:27:53 EDT 2020 by Anonymous

I too received an email today after receiving HR call from Liveconnections from id

Is it fake or Genuine ?



Posted Thu Aug 20 20:46:38 EDT 2020 by Deborah Harkins
Posted Sat Sep 12 12:33:19 EDT 2020 by SeaBass

To summarize from the various comments...

1) They use the invalid email for one way conversation.

2) The mails come through taleo Servers and not the company's

3) Could be spam

4) Don't click on links to enter personal details.

I would suggest to look out for hints such as poor grammar and spelling mistakes, and recruitment procedures generally don't require candidates to make a payment.

Its 2020 and i still cant believe that giant companies are still unwilling to fix this issue!!! 








Posted Tue Oct 27 12:41:15 EDT 2020 by Anonymous

 Just happened to me today. Onboard for email for one of the largest insurance companies in the U.S. and they’re sending me this crap? Lucky I didn’t delete the email without thinking. Looks just like a classic email phishing attack despite being completely legitimate.

Posted Fri Nov 13 09:55:30 EST 2020 by ADAMOU ABDEL

 Thanks you SeaBass for the answer.

Posted Wed Apr 28 17:30:18 EDT 2021 by Anonymous

Received such mail from OECD today. It seems genuine, however very strange way of communication. 

Posted Tue Aug 24 22:38:35 EDT 2021 by Anonymous

 Got a job offer, and I accepted.  In the verification process they sent an email with the "invalid" email address with links where I am supposed to upload my tax return.  Planning on going personally to the company to show whatever documents they need to verify my identity.  This is a BIG company.  What do you guys think?