My Articles

How a Job-Scam Nearly Hijacked My Android — And What You Should Know

Trigger warning: if you’re actively job hunting, this may hit close to home.

If you’re a job seeker, especially using mobile devices — don’t scroll past this.

My Story: How It Unfolded

Over the past few months, I’ve been applying to many roles via LinkedIn, Indeed, and other job boards. I knew scams were out there — everyone does — but I never expected this level of sophistication. This one was built to target Android users.

1. The “Legitimate” Job Invitation
   A few weeks ago, I applied for an IT support position through Indeed, at a company called Spade Interiors (I’ll call it that, though I can’t yet confirm if that name is real or fake).
   The next day, I got a message via Indeed from “the company” saying they wanted to move my application forward. They asked me to schedule an interview via a link. So far, so normal.

   
   

2. The Suspicious App Prompt
   When I clicked, instead of a calendar scheduler, the link prompted me to download an Android app from spadeinteriors.org. That immediately set off alarm bells in my mind. Legitimate companies don’t ask applicants to install apps to schedule interviews (especially not from obscure domains).

   
   

3. My Sandbox Experiment
   Because I suspected something off, I used an old Android phone (a “sandbox”) to test it. I installed the app — and that’s when the trouble began.

   • The app looked innocent — names like “Employer App with embed spyware underneath services - Update Services”, “Auto Update”, “Android Auto”, etc.

   • But under the hood it requested accessibility permissions and full-control permissions.

   • Over a few days, I watched the app act more aggressively: disabling SMS, remotely locking the screen with a fake “face update” screen, which you couldn’t bypass except by force-restarting the device.

   • When I stripped permissions, the spyware app immediately tried to request them again. When I cut its internet access, it still tried to reassert itself.

4. Identifying & Eliminating the Malware
   I disabled all apps and permissions I could, watched which apps immediately re-requested control, disabled their network access, and ultimately uninstalled the suspect apps. Once the spyware was gone, the abnormal behaviors stopped — but I had to act fast.

5. Lessons Learned (the hard way)

   • Be extremely wary of any job process that asks you to download/install software, especially mobile apps.

   • Legit companies won’t ask you to install “update services” or similar under the guise of hiring.

   • Use a separate device or sandbox if you ever need to test — not your main phone.

   • Monitor behavior: suspicious permission requests, background activity, auto-locks, SMS, etc., are red flags.