Ask HN: How to protect yourself from coding challenge scam?
4 comments
It takes quite a bit of effort to determine that a repo is free of malware - very likely more effort that the coding challenge itself. And I would not rely on antivirus software.
Checking the background of the hiring company may help. Check the investors, board of directors, founders to make sure they are real and have a backstory. Search TeamBlind or Glassdoor for complaints.
Checking the background of the hiring company may help. Check the investors, board of directors, founders to make sure they are real and have a backstory. Search TeamBlind or Glassdoor for complaints.
Some useful ideas here:
https://www.aura.com/learn/how-to-identify-job-scams
https://www.aura.com/learn/how-to-identify-job-scams
I’d say only complete coding challenges that are sent directly from a prospective employer or that you yourself access via a coding challenge site. I’d never click on a coding challenge link posted in a social media link.
Remember that interviewing goes both ways. If an employer showed this level of incompetence at the interview stage, do you really want to work for them?
Do you have any advice on how to protect ourselves from this? Are there any recommended tools to scan such code? Is regular antivirus software sufficient?
I've seen several suggestions, such as always running this type of code in a VM or emulator. However, I think this solution only isolates the environment. Ideally, we need a way to determine if the code is malicious so we can decide to abandon the interview if it already seems suspicious.