Crate App Scam Follow-Up: Umicas.net Exposed as Ad Fraud Trap Targeting Tech Workers

Maiko CasperMaiko Casper
7 min read

Back in March 2025, I shared my experience with a suspicious job opportunity from a company called Crate App. Since then, I’ve discovered that I wasn’t alone, not by a long shot.

Not only have others reached out with the same email scam, but the so-called job link they sent me leads directly to a website called Umicas.net, a site now increasingly tied to recruitment scams, ad fraud, and behavioral tracking.

A Pattern Emerging: Umicas.net and Crate App

After my original post, someone sent me a Reddit thread where others complained about Umicas.net. I recognized the format immediately, the same kind of vague tech job posting, fake application form, and empty promises.

Crate App had linked me directly to Umicas via this URL:
https://umicas.net/umicas_apply?Job.ckl=1736105918867x864133190785957900

Despite ignoring the first few emails, they kept following up, just as they had with other victims. Eventually, people started reaching out.

Real People. Fake Jobs.

One reader, let’s call him Anthony, sent me his frustrations:

“They’ve been flooding my LinkedIn feed with a dozen new job postings every day all promising ridiculously high salaries for entry-level front-end roles. The whole site feels like a spam factory, packed with ads and sketchy redirects. Honestly, LinkedIn should crack down on these kinds of fake recruiters; they’re just wasting people’s time and polluting the job market with scams.”
- Anthony

Another reader, let’s call him Jack, reached out with his own story:

“I applied to a Crate App job in Sacramento but got redirected to a job post for Mountain View. I noticed the page had large blank spaces (which later showed as ads on mobile). I even tried to book an interview but nothing was available for the next 3 months.”
- Jack

Jack didn’t stop there. He downloaded the entire webpage and ran it through AI analysis tools. Below is a summary of his technical report, which clearly exposes what’s really going on behind these “job application” pages.


Fake Job Website Analysis (Provided by Jack)

Date of Report: May 19, 2025
Page Analyzed: Cached files from Umicas.net Software Engineer job listing
Purpose of Site: Ad monetization & behavioral tracking, not recruitment

Key Findings

1. Website Behavior

  • No real form: The page looked like a job listing but had no input fields or submission options.

  • Fake interview scheduler: Integrated Calendly, but no slots available for months, a delay tactic.

  • Ad-heavy layout: Excessive use of ad iframes, visible especially on mobile without blockers.

  • Analytics overload:

    • Segment

    • Braze

    • Pendo

    • OneTrust

    • Google reCAPTCHA

2. JavaScript Activity

  • Dozens of scripts loaded from cache:

    • ajs-destination.bundle.js, analytics.js, pendo.js, telemetry.js

    • Lazy-loaders and tracking injectors: 5843404183e0e2708588.js, 449cd4534726259c2a8c.js

  • Used Function() and setTimeout() to dynamically load further content often seen in code obfuscation, though no malware was detected.

3. Malware Scan Results

  • No .exe, .dll, .zip, or binaries detected.

  • No clipboard access, WebSocket tampering, or hidden iframes.

  • No service workers or exploit code in Jack’s test environment.

4. User Risk Assessment

Threat TypeRisk LevelNotes
Malware/Exploits❌ LowNo active infection or file download found
Phishing❌ LowNo login or sensitive input forms present
Ad Fraud✅ ModerateClearly built to serve and profit from high-volume ads
Fingerprinting✅ ModerateMultiple tools log user behavior, session length, and IPs
Scam Baiting⚠️ ModerateMisrepresents itself to keep users engaged deceptively

5. Technical Artifacts

  • Programmatic ad scripts with dynamic loading

  • Calendly embed to simulate legitimacy

  • Embedded JSON structures to personalize UI and job description


⚠️ Jack’s Conclusion:

“This wasn’t just a low-effort scam this was a polished ad fraud trap. They’re profiting from job seekers’ attention without offering any real opportunity.”


The Reddit Thread That Confirms Everything

If you're still unsure whether Umicas.net is part of a larger scam, look no further than this Reddit thread on r/recruitinghell, where multiple users shared eerily similar experiences.

https://www.reddit.com/r/recruitinghell/comments/1ik4ni6/what_is_up_with_umicas/

The original post asked a simple question:

“What is up with Umicas?”

The replies paint a clear picture:

  • “I received the same kind of job listing - remote developer position. Looked legit until I realized I couldn’t actually apply.”

  • “I thought I was going to book an interview, but it just kept looping me to a calendar with no slots.”

  • “I saw 5+ ads on mobile. Desktop looked clean. Feels shady.”

  • “Same here. Got contacted via LinkedIn and redirected to Umicas. No way this is a real company.”

hese aren't isolated incidents. They’re consistent with what I and others experienced - fake listings, ad-filled pages, bogus Calendly links, and zero follow-up or real contact.

What's worse? People are wasting time, giving attention and even trust to what seems like a real opportunity - when it’s all just a cleverly disguised monetization trap.

Redditors speculated whether this was a lead gen scheme, phishing setup, or even a honeypot for resumé data. Thanks to Jack’s technical report, we now know it’s ad fraud and behavioral tracking - not phishing, but still highly exploitative.

So… What Is Umicas?

In short: it’s a deceptive platform that uses the illusion of job applications to trick users into loading ads and handing over behavioral data. The links, while not delivering malware (yet), exploit our trust and time for profit.

Whether or not Umicas is run by the same people behind “Crate App” is unclear. But their tactics and infrastructure are alarmingly connected.

Additional Investigation: jacob@getcrate.app and umicas.net

Since publishing my original post, I’ve dug deeper into the entities behind the suspicious Crate App job offers. Two key names keep popping up: the email address jacob@getcrate.app and the website umicas.net.

After researching, here’s what I found:

  • The email jacob@getcrate.app appears to be linked to no verifiable individual or legitimate organization. The domain getcrate.app does not have any clear affiliation with a real company or service. It’s likely a generic or disposable email used solely for these outreach campaigns.

    The website umicas.net, which was used as the host for some job application links (including those Crate App provided), has been flagged by multiple online scam and security platforms as suspicious:

    • ScamDetector gave umicas.net a low trust score of 40.5 out of 100, warning that it is located near suspicious sites and may be involved in phishing or spam activities.

    • ScamAdviser noted that while umicas.net has a valid SSL certificate, its owner’s identity is hidden behind a paid privacy service, a common tactic used by fraudulent sites to avoid accountability.

  • Additional information:

    • The domain umicas.net was registered on June 23, 2023, and is set to expire on June 23, 2025.

    • It is registered through Automattic Inc., which is a reputable registrar, but domain registration details alone don’t guarantee legitimacy.

Given these findings, I strongly urge caution when dealing with any communication or job offers from jacob@getcrate.app or umicas.net. If you receive emails or see job postings linked to these, verify their authenticity independently before sharing any personal information or engaging further.


How to Stay Safe as a Job Seeker

  1. Inspect all URLs if you’re redirected to domains like umicas.net, don’t proceed.

  2. Check the content no application form or legitimate contact = red flag.

  3. Avoid calendar integrations from companies you haven’t verified.

  4. Use ad blockers like uBlock Origin to catch hidden behavior.

  5. Look for user reports Reddit, Blind, and even blogs like this often get there first.

  6. Report these domains to your browser security team, Google Safe Browsing, or FTC.


Final Thoughts

This is no longer just a personal anecdote. It’s a pattern.
A deliberate scheme targeting remote tech workers with professional-looking, data-harvesting scams under the guise of hiring. Whether you’re a junior dev or a seasoned engineer they’re targeting you.

Thanks to people like Jack, we now have clearer proof that these aren't harmless spam they’re intentional ad fraud mechanisms operating under fake recruiting fronts.

If you've seen these emails or visited Umicas links, you’re not alone. And if you've got more info, please reach out.

Let’s keep exposing these bad actors because no one deserves to be preyed on while simply trying to find a job.

references:
https://www.reddit.com/r/recruitinghell/comments/1ik4ni6/what_is_up_with_umicas/
https://www.scamadviser.com/check-website/umicas.net
https://www.scam-detector.com/validator/umicas-net-review/
https://shoppersvila.com/review/crate-app-careers-recruitment-scam-targets-tech-workers/
https://www.reddit.com/r/CryptoScams/comments/1iklr9j/scam_digital_crate_app/

#JobScam #RecruitmentScam #CrateAppScam #Umicas #FakeJobs #TechScam #JobSeekersBeware #RemoteJobScam #ScamAlert #LinkedInScam

0
Subscribe to my newsletter

Read articles from Maiko Casper directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Written by

Maiko Casper
Maiko Casper

Hey there! I'm Maiko Robles (you can call me Maiko — it's a nickname I use for security and peace of mind 😌). I'm a frontend developer with over 3 years of experience, passionate about building fast, user-friendly websites using Next.js, React.js, TypeScript, and Node.js. I hold a Bachelor's degree in Information Technology, majoring in Web Development, which means this isn't just a job for me — it's my responsibility to continuously learn and adapt. I'm not bound to just React or Next.js — I embrace new frameworks, languages, and tools as the field evolves. Web development is always changing, and I'm here for the ride. Let's build something awesome together!