
Recognising and Reporting Suspected Account Compromise in PyjamaHR

Updated this week

Executive Summary

PyjamaHR takes account security extremely seriously, using advanced SOC-2 compliant systems to detect and prevent account hijacking, hacking, and unauthorized access. This article explains how to recognize signs of account compromise and what triggers PyjamaHR’s security protocols, and it provides a step-by-step guide for users to report, resolve, and prevent suspicious activity, so that your hiring data and candidate information remain secure.


Detailed Overview

What is Account Compromise in PyjamaHR?

Account compromise refers to any unauthorized access or suspicious activity on your PyjamaHR account, such as logins from unknown devices, locations, or browsers, or evidence of credential sharing. To protect users, PyjamaHR has implemented an active hijacking detection system as part of its SOC-2 compliance. When suspicious activity is detected, the system may freeze your account and require manual verification before access is restored.

Why Does This Matter?

  • Protects sensitive candidate and company data

  • Prevents fraudulent job postings and candidate scams

  • Maintains compliance with job board partners (e.g., LinkedIn)

  • Ensures only authorized users can access your hiring workflows

How PyjamaHR Detects Compromise

  • Multiple logins from different devices, browsers, or locations in a short period

  • Simultaneous logins from geographically distant locations (e.g., India and the US)

  • Credential sharing (one account used by multiple people)

  • Unusual activity patterns (e.g., logins from new devices after a period of inactivity)

  • Automated anti-spam and anti-fraud AI filters flagging suspicious business details or usage

When such activity is detected, you may see messages like:

  • “Suspicious activity detected. Your account has been flagged for suspicious activity. For security reasons, access has been temporarily suspended. Please contact support to restore access.”

  • “Your account has been flagged for multiple logins.”
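
To make the login signals listed above concrete, here is an added example (not PyjamaHR's code) that runs three of them over constructed login events: several devices in a short period, distant locations reached faster than travel allows, and a new device after inactivity. The thresholds, the event fields (ts, device, geo) and the function names are assumptions made for illustration.

```python
from datetime import datetime, timedelta
from math import asin, cos, radians, sin, sqrt

# Assumed thresholds; the article does not publish PyjamaHR's real values.
MAX_SPEED_KMH = 900            # faster than a commercial flight => implausible
DEVICE_WINDOW = timedelta(minutes=10)
MAX_DEVICES_IN_WINDOW = 2
INACTIVITY = timedelta(days=30)

def km_between(a, b):
    """Great-circle (haversine) distance in km between two (lat, lon) pairs."""
    lat1, lon1, lat2, lon2 = map(radians, (*a, *b))
    h = sin((lat2 - lat1) / 2) ** 2 + cos(lat1) * cos(lat2) * sin((lon2 - lon1) / 2) ** 2
    return 2 * 6371 * asin(sqrt(h))

def flag_logins(events):
    """Return (timestamp, reason) flags, in time order, for one account's logins."""
    events = sorted(events, key=lambda e: e["ts"])
    flags, known_devices = [], set()
    for i, ev in enumerate(events):
        prev = events[i - 1] if i else None
        if prev:
            hours = (ev["ts"] - prev["ts"]).total_seconds() / 3600
            dist = km_between(prev["geo"], ev["geo"])
            # Distant locations reached faster than travel allows.
            if dist > 100 and dist > MAX_SPEED_KMH * hours:
                flags.append((ev["ts"], "impossible_travel"))
            # New device appearing after a long quiet period.
            if ev["device"] not in known_devices and ev["ts"] - prev["ts"] >= INACTIVITY:
                flags.append((ev["ts"], "new_device_after_inactivity"))
        # Distinct devices seen inside the sliding window ending at this login.
        recent = {e["device"] for e in events[: i + 1] if ev["ts"] - e["ts"] <= DEVICE_WINDOW}
        if len(recent) > MAX_DEVICES_IN_WINDOW:
            flags.append((ev["ts"], "many_devices_short_period"))
        known_devices.add(ev["device"])
    return flags

# Constructed sample data (not real PyjamaHR logs): Bengaluru, then New York.
T0 = datetime(2024, 1, 1, 9, 0)
SAMPLE = [
    {"ts": T0, "device": "laptop-chrome", "geo": (12.97, 77.59)},
    {"ts": T0 + timedelta(minutes=3), "device": "phone-safari", "geo": (12.97, 77.59)},
    {"ts": T0 + timedelta(minutes=5), "device": "desktop-edge", "geo": (40.71, -74.01)},
    {"ts": T0 + timedelta(days=45), "device": "tablet-firefox", "geo": (12.97, 77.59)},
]

if __name__ == "__main__":
    for ts, reason in flag_logins(SAMPLE):
        print(ts.isoformat(), reason)
```

With these assumed thresholds, a laptop and a phone used together from one place raise no flag; the third login, from a distant location two minutes later, raises two.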


Step-by-Step Guide: What to Do If You Suspect Account Compromise

1. Recognize the Warning Signs

  • You receive an in-app or email notification about suspicious activity or multiple logins.

  • You are unexpectedly logged out or unable to access your account.

  • You see jobs posted or actions taken that you did not initiate.

  • You receive candidate complaints about fraudulent job postings or requests for payment.

2. Immediate Actions

A. If you are locked out or see a warning:
1. Do not attempt repeated logins from multiple devices.
2. Check your email for a message from PyjamaHR support with further instructions.
3. Prepare to verify your identity and account ownership. You may be asked for:
- Your registered email address
- Your phone number
- Recent activity details (e.g., devices/locations used)
- Company verification documents (if flagged by anti-spam AI)

B. If you suspect unauthorized access but still have access:
1. Change your password immediately using the “Forgot Password” link on the login page.
2. Log out of all devices (if possible).
3. Notify your team and ask them to check their access and credentials.

3. Report the Incident to PyjamaHR Support

  • Contact support via in-app chat or email ([email protected]).

  • Provide:
      - Your registered email and phone number
      - Description of the suspicious activity
      - Any error messages/screenshots
      - Confirmation if you have shared credentials or used multiple devices

Note: For urgent cases (e.g., ongoing fraud, candidate data at risk), request a call-back and provide your phone number for priority handling.

4. Cooperate with Verification

  • PyjamaHR support may request a quick call (Zoom/phone/WhatsApp) to verify your identity and discuss the incident.

  • For business verification, you may need to provide:
      - Company website URL
      - LinkedIn company page
      - Business registration documents (e.g., GST, EIN, Certificate of Incorporation)

5. Await Account Restoration

  • Once verified, support will manually unflag your account and restore access.

  • You may be asked to change your password and invite additional users rather than sharing credentials.


Advanced Usage & Best Practices

How to Prevent Account Compromise

  • Never share your login credentials with other team members. Each user should have their own account.

  • Limit logins to one device at a time (e.g., one laptop and one phone per user).

  • Add team members via Settings > Team Members instead of sharing passwords.

  • Use strong, unique passwords and change them regularly.

  • Enable two-factor authentication if available (feature request noted in customer feedback).

  • Log out from devices you no longer use (especially after device changes or travel).

  • Monitor account activity for unexpected changes or job postings.

For Remote and Distributed Teams

  • If you have legitimate multiple locations (e.g., HR in Dubai, manager in India), ensure each person has their own user account.

  • Explain to support if you travel frequently or use multiple devices, so they can whitelist expected activity.


Troubleshooting & Common Issues

Common Error Messages & What They Mean

  • “Suspicious activity detected…”: Your account was flagged for possible hijacking or credential sharing.

  • “Your account has been flagged for multiple logins”: Detected logins from different devices/locations.

  • “We’ve enabled your access for now, but just a quick reminder: it’s best not to log in on two devices using the same credentials…”: Temporary access restored, but you must stop sharing credentials.

Solutions

  • If you are locked out: Contact support with your details and await manual verification.

  • If you use multiple devices: Limit to one device at a time, and explain your workflow to support if needed.

  • If you share credentials: Stop immediately, add users properly, and change your password.

  • If you suspect hacking: Change your password, notify support, and review recent activity.

  • If you see jobs posted you did not create: Report immediately; PyjamaHR will investigate and may notify affected candidates.

What If I Need Access Urgently?

  • Provide your phone number for a priority call-back.

  • Explain any business-critical deadlines (e.g., campus hiring, urgent job postings).

  • Support will prioritize urgent cases, especially if hiring is blocked.


Comprehensive FAQ

Q1: Why was my account flagged for multiple logins when I only use two devices?
A: PyjamaHR’s system detects simultaneous logins from different devices or locations. Even two devices (e.g., laptop and phone) can trigger a flag if used at the same time or from distant locations.

Q2: Can I share my login with my assistant or team?
A: No. Each user must have their own credentials. Sharing is the #1 cause of account flags and suspensions.

Q3: What if my team is distributed across countries?
A: Add each team member as a user. Explain your setup to support if you have legitimate multi-location access.

Q4: How do I know if my account was actually compromised?
A: Warning signs include unexpected logouts, jobs posted you didn’t create, or candidate complaints about scams. If in doubt, contact support.

Q5: How long does it take to restore access?
A: Most cases are resolved within a few hours after verification, but complex cases (e.g., business verification) may take up to 24 hours.

Q6: What documents are needed for business verification?
A: Company website, LinkedIn page, and business registration documents (GST, EIN, etc.).

Q7: Can I see a list of devices where my account is logged in?
A: Not currently, but you can request support to log out all sessions.

Q8: What if I use a VPN or travel frequently?
A: Let support know your typical usage pattern so they can whitelist expected activity.

Q9: What if I suspect a candidate data breach?
A: Report immediately. PyjamaHR will investigate, notify affected candidates, and provide you with a list of impacted users if needed.

Q10: Can I enable two-factor authentication?
A: Not currently available, but this is a frequently requested feature.

Q11: What if my account is flagged repeatedly?
A: Review your login practices, stop sharing credentials, and contact support for a workflow review.

Q12: What if I need to download my data while locked out?
A: Request a data export from support; they can provide a secure download link after verification.


Related Features & Next Steps

  • User Management: Add team members via Settings > Team Members.

  • Access Types: Assign appropriate roles (Super Admin, Admin, Recruiter, etc.).

  • Password Reset: Use “Forgot Password” for secure resets.

  • Business Verification: Keep your company details and documents up to date.

  • Job Posting Security: Monitor for unauthorized job postings.


Key Takeaways

  • Never share your credentials. Always add users properly.

  • Report suspicious activity immediately. The sooner you act, the faster your account can be secured.

  • Cooperate with support. Quick verification helps restore access rapidly.

  • Stay proactive. Monitor your account, use strong passwords, and educate your team.

By following these steps and best practices, you can keep your PyjamaHR account—and your hiring data—safe and secure.


Still have questions or need urgent help?
Contact PyjamaHR support via in-app chat or email [email protected], and provide your registered email and phone number for the fastest response.
