A couple of days ago I got an email from Human Resources. No company name. The subject suggested phishing - RIM: Important information about your application at Research in Motion
. I looked at the SMTP source before opening the message and saw the usual phishing email - your account has been updated, please go ahead and reset the password, etc, etc.
The return address was RIM_Do_Not_Reply@invalidemail.com
, which is not RIM's domain name and further confirmed the nature of this email. The email addressed me by name and provided a link to rim.taleo.net to reset the password. Temporary numeric user name and password were provided and there was a base64-encoded HTML file named current_email_in_html.html. A text-book phishing email.
So, I decided to contact RIM and notify them that there's phishing going under their name. Boy, was I surprised - the careers section of their website linked to rim.taleo.net. So, RIM does indeed outsource recruitment to Taleo and it was a legitimate email from RIM!
You would think that in this day and age a company like RIM whose specialty is communication and email would pay attention to security of their communication with potential employees, but no, that's certainly not the case. Apparently, somebody at RIM didn't bother verifying what their outsorcing company is doing and somebody at Taleo just doesn't have a clue about what they are doing.
I got an email with @invalidemail apparently from Bank of Singapore saying they had successfully received my application....only problem was that i had not even uploaded my CV since I was still setting up my account at Bank of Singapore's recruitment site. I think it is CIA or MI5 or another competitor to Singapore trying to stop best talents from being hired outside of london/new york etc... Not sure why they go to such greag lengths...but it is a talent drven world and I am sure the employment visa websites are monitored to intercept best talents to bring them to the US or UK by hook or by crook.
@JH Hard to say without details, so just a couple of general thoughts (don't post any details, though).
If it was Taleo or another employment agency, you are probably Ok in the sense that your information eventually ended up in legitimate hands of some employment clerk.
If it was indeed a phishing attack, depending on what you shared, you may need to take some mitigation steps and ask around about what to do with regards to particular type of data affected (assuming it's more than just name and email).
In any case, if you entered any passwords in the process, make sure the same password not used anywhere else. If it is, change it immediately in those other existing places and keep this password in your records marked as compromised.
i received one such email and like a rookie i replied and entered personal information. it wasn't until i finished sending it that i realized it was a suspicious domain. am i in deep trouble?
can i do anything to protect myself after sending the info?
pleae help
And i thought i was the only one experiencing it... was skeptical about proceeding then i called HR... yeap! Taleo systems
And in 2022...
Still happening in 2021 from Taleo... crazy
Got a job offer, and I accepted. In the verification process they sent an email with the "invalid" email address with links where I am supposed to upload my tax return. Planning on going personally to the company to show whatever documents they need to verify my identity. This is a BIG company. What do you guys think?
Received such mail from OECD today. It seems genuine, however very strange way of communication.
Thanks you SeaBass for the answer.
Just happened to me today. Onboard for email for one of the largest insurance companies in the U.S. and they’re sending me this crap? Lucky I didn’t delete the email without thinking. Looks just like a classic email phishing attack despite being completely legitimate.
To summarize from the various comments...
1) They use the invalid email for one way conversation.
2) The mails come through taleo Servers and not the company's
3) Could be spam
4) Don't click on links to enter personal details.
I would suggest to look out for hints such as poor grammar and spelling mistakes, and recruitment procedures generally don't require candidates to make a payment.
Its 2020 and i still cant believe that giant companies are still unwilling to fix this issue!!!
I too received an email today after receiving HR call from Liveconnections from id humanresources@invalidemail.com
Is it fake or Genuine ?
I received an email two days ago to complete an application from an email address: hr-ctg@invalidemail.com
Still happening in 2019. Good god.
Best Regards,
Capgemini Recruiting
You may refer to our Privacy Policy available at capgemini website that I removed to try to submit this post...
Replies to this message are undeliverable and will not reach the Human Resources Department. Please do not reply.
Got a same mail from Fujitsu, domain invalidemail.com
I just got an email from a major mining company that I wanted to work for an put in an application. Got a phishy ass reply. Same shit, Taleo. I can't believe these multi billion dollar companies rely on this crap.
I too received the mail for barclays from this domain. But instead of clicking on any links, i went to barclays taleo and manually searched for that job id and applied.
Taleo needs to be re-investigated based on the information that came to light about how the actual computing chips of Intel et al could be misdirected. If you are getting a reply from "someone" in HR @invalidemail.com from a big pharma or a big bank (Morgan, Barclay, etc.) HR department, your name is on a list that an algorithm runs - no one in HR looked at your resume, or ever will, and the reason for that is economic - all the equity you have built up over your years of working will disappear, never to return - now go sign up for Uber or Lyft...
But still confused. Why they should use invalid ; even the one stright communication? why not using their own web it self..?
The @invalidemail.com is commonly used when sending emails from the Taleo system. If the company's domain name was listed as the from email, but the email was sent from Taleo servers, your email would most likely consider it to be spam because it is coming from a Taleo server with another company's domain. That would be spam and phishing. @invalidemail is registered as a valid email from the IP addresses of Taleo servers.
Certainly verify the information before entering any private data, but you should be expecting emails from them if you have applied to jobs with them.
I received a congratulations email with "Recruitment Services <do_not_reply@invalidemail.com>" as the from email address. That's just the address that's shown. Otherwise, individual or group HR mailboxes would be inundated by applicants.
I received an email with the same invaildemail.com address from a taleo (tfl recruitment). The message is not bogus it appears as in my taleo account there is indeed the same message.
Got a same mail from Barclays, domain invalidemail.com
I received an similar to this. My IT dept deliberately sends phishing-email to it's employees to test company phishing attempts. I would forward any email similar to this to your IT department.
If they want me to open their email, they'll have to do better than that!
I am a Systems adminstrator for a large business.
Companies do not oursource their recuritment to to Taleo, They use the Taleo suite of recruitment tools.
The @invalid email is what taleo sets as defaults for correspondence - The only reason you are receiving these messages is that my equivallent at RIM and these other companies did not change this did not want to change these.
If it links back to some subdomain at taleo.net, then it's most likely a legitimate email sent by Taleo on JP's behalf. If there are other links, you need to be careful.
i got one too .... this time from "JPMorgan_Chase@invalidemail.com" telling me that they are considering my profile and their HR would contact me back if something suitable comes up. I am really confused ... is this SPAM or is this for real ?
I have just received an email from the HR dep't of Deloitte with the address: hr-dtt@invalidemail.com and it went straight to the spam box. Very weird that such a company usues such a domain. can someone explain how it works.Thanks:)
Thanks for the update. I find it amazing that two years later Taleo works the same way!
Hope it works out for you :)
Too bad. Emboldened by your posting, I checked out the job itself. It would have been a great fit for me--if it weren't all the way across the continent.
Besides the user interface, I guess Taleo needs to improve its geographic search functions...
So weird. I just received one this morning from a major pharmaceutical company that I would love to work for. The return address was From: Human Resources (hr-<major-pharma>@invalidemail.com)
It contained the exciting news that "The Consumer Affairs Intake Coordinator, Mentor position (9542100617) at <company I never heard of> recently opened"
Huh? Who's <company I never heard of>?. This smelled phishier and phishier.
It does link back to Taleo, so maybe this is just a really unnerving user interface. I'm going to take your posting under advisement and pursue the position.
Thanks.
Still the same 1 year later,
-------------------------
Return-Path: RIM_Do_Not_Reply@invalidemail.com
Received: from zimbra6-e1.priv.proxad.net (LHLO zimbra6-e1.priv.proxad.net)
(172.20.243.156) by zimbra6-e1.priv.proxad.net with LMTP; Wed, 11 Nov 2009
00:46:45 +0100 (CET)
Received: from nyrelay.taleo.net (mx27-g26.priv.proxad.net [172.20.243.97])
by zimbra6-e1.priv.proxad.net (Postfix) with ESMTP id BEED720140
for <x@zimbra6-e1.priv.proxad.net>; Wed, 11 Nov 2009 00:46:44 +0100 (CET)
Received: from nyrelay.taleo.net ([64.94.160.144])
by mx1-g20.free.fr (MXproxy) for x@zimbra6-e1.priv.proxad.net ;
Wed, 11 Nov 2009 00:46:45 +0100 (CET)
X-ProXaD-SC: state=HAM score=50
Received: from nyprap86 (localhost.localdomain [127.0.0.1])
by nyprap86.ny.rsft.net (Postfix) with ESMTP id 07F0118042
for <x@free.fr>; Tue, 10 Nov 2009 18:46:44 -0500 (EST)
From: RIM Organizational Development <RIM_Do_Not_Reply@invalidemail.com>
To: x@free.fr
Message-ID: <5449888.163001257896804031.JavaMail.rcc@127.0.0.1>
Subject: Thank you for your application for Associate, BlackBerry Customer
Technical Support (E-Support) - 0903218
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_Part_10967_10757227.1257896804029"
X-Priority: 3
X-MSMail-Priority: Normal
Importance: normal
Date: Tue, 10 Nov 2009 18:46:44 -0500 (EST)
HR folks barely know what technology really means. I am sure, if someone from management level found out what was going it would get the proper attention. At the end of the day it is the image of the company at stake.