Been through this 3 times in the last 6 months. They're getting better. Very credible LI profiles, code looks OK if you only take a glance... The bells start ringing when they insist you run their sh*t locally.

Similar for me. One was for an overly well-paid position. I always run (p)npm audit before running npm repos, so lots of issues were found. I tried to fix them but I would have gone over the time limit. So I asked the recruiter about it and whether it makes sense to run it in an isolated VM. No answer...

The other was for a DevEx crypto service. While I was very suspicious, the code looked okay, but the recruiter was strange and eventually changed their profile to a different person. I think this was a crypto-stealing scam though, since it required connecting to a wallet. I don't have any crypto though, so I might be okay for now. Although reinstalling my system clean would be the only sure way in theory...

The big red flag should be giving GitHub access before signing any contracts.

Yeah, at least when you interview locally in your area, you get to meet them before you get a random test assignment.

But also online, once or twice I received these LeetCode-style sites to register on and do a few tests before we meet, which was weird for me, and I just ignored it.

One of them later asked "Why I didn't have time to do it yet" and I told them I first meet people and check the fit before I do tests, like who the hell does that differently?

Hope it hasn't become a way more common thing.

They mostly use public repositories though.

Yeah, but that should also be a red flag.