On LinkedIn and Upwork I've received a number of contacts saying they would like to hire for a few different reasons. One was for finding some problems with their Web3 site, another for adding features, another to change blockchains, others for similar reasons. They would point to a github account which invariably included some react based node and asked to look at what exists and then schedule a call to talk.

The scam here is they expect you to run some random npm on a windows box. This would search your machine for any wallet software, upload it elsewhere, and then install any other files from an offsite host.  I'm not sure if any windows firewall or AV would catch the issue.  The nasty code has been hiding in jquery-min.js and similar, deobfuscating the code shows a long list of potential wallet file locations to grab and the IP addresses of where to upload and also download further files.

I have no idea on the effectiveness of this approach as any real dev shouldn't run unknown software on a local machine. However the javascript was 500 lines of rather interesting code so there was some work put into the scam.