The US FBI has warned of a situation that sees deepfakes and stolen personal details being utilized to apply for work in the US, like faking video interviews.
The attention to remote work comes with its good and bad sides. It’s giving room for scamming, resulting in security standards being updated.
This deepfakes scam has made the FBI give a public service announcement, warning that deepfakes are being used for nefarious purposes, especially imitating individuals whose identities have been stolen to apply for work.
According to the FBI, there are cases of voice spoofing or deepfakes use in online applicant interviews. During the interviews, the lip movement and actions of the person seen interviewed on camera won’t coordinate with the audio of the applicant speaking.
Sometimes, activities like sneezing and coughing are not aligned with activities presented visually.
FBI has warned that anyone can create a deepfakes with a good picture and use it to record a fake video of the target speaking or do it live. Alongside a seeming legal application data, it can be enough for a rushed employing manager to sign in a new contractor.
Deepfakes can involve a nation-state intelligence or funding operation. For example, North Korea is seen as employing falsified information to land works in the US, particularly in the Crypto sector, where many thefts can be achieved with small repercussions.
This isn’t the first time people are seeing this sort of scam. Instances of fake employees have been seen for years. Working under false identities is an old book that would be hard to remove.
The idea is to use AI-powered imagery to pass through the interview process.
Though the FBI didn’t say any ways to avoid this scam, it notes that some background checks have identified stolen PII as people report that their identities, emails, and addresses are used without their consent.
Presently, not much can be done to prevent the scam. Someone whose identity is stolen can be alert and on the lookout for suspicious activities like strange calls and emails.
Unlike big enterprises, small businesses might not be targeted because they don’t have much value to offer. SaaS companies and startups may be much at risk, especially those with little security infrastructure.
How can one avoid this kind of scam? If you’re employing in high-risk sectors like health tech and security, be more careful. Employ strong encryption and advanced access controls and consult security professionals.
The FBI has warned! Let’s be careful!
Image by Pete Linforth from Pixabay