Recent research indicates a troubling rise in scams involving artificial intelligence (AI), as fraudsters leverage this technology to fabricate identities and apply for remote job opportunities. As scams continue to evolve, AI tools enable these criminals to enhance their profiles, making it increasingly difficult for employers to identify potential threats.

The Scope of the Issue

AI has become a valuable asset for scammers, streamlining various aspects of the job application process. With the ability to generate convincing resumes, tailored professional headshots, and even credible online profiles, these fraudsters can easily present themselves as ideal candidates for available positions.

Once they manage to secure a role, these impostors can engage in a range of malicious activities, from stealing sensitive company information to deploying malware within corporate networks. The situation is exacerbating as forecasts from Gartner suggest that by 2028, around 25% of job applicants could be fabricated.

Detecting AI-Generated Applicants

In an alarming incident shared by Dawid Moczadlo, co-founder of the cybersecurity firm Vidoc Security, an interview ended abruptly once it became apparent the candidate was utilizing an AI-generated appearance. Moczadlo recalls the moment of discovery, stating, “I felt a little bit violated, because we are the security experts.”

To expose the fraud, Moczadlo asked a straightforward question: “Can you take your hand and put it in front of your face?” The candidate’s refusal to comply raised immediate red flags, leading to the interview’s swift termination. Moczadlo noted that the deepfake technology employed was not advanced, suggesting that blocking the face would effectively disrupt the filter.

This type of experience has significantly altered Vidoc Security’s hiring protocols, leading the firm to implement in-person interviews for potential hires. By covering travel costs and offering a day’s pay for a face-to-face meeting, they aim to ensure a more thorough evaluation of candidates.

A Broader Threat Landscape

The incidents observed at Vidoc are just the tip of the iceberg. The U.S. Justice Department has identified multiple cases where individuals, allegedly connected to North Korean networks, are using false identities to secure jobs in the U.S. tech industry. These operations often funnel funds back into North Korea, amounting to hundreds of millions of dollars annually, which partially supports the country’s military ambitions.

Moczadlo highlighted that the patterns these AI-generated candidates displayed align with those found in these broader fraud cases, although his firm’s situation remains under investigation. He emphasized, “We are really lucky that we are security experts,” pointing out that many hiring managers may lack the tools to discern legitimate candidates from AI-generated impostors.

Best Practices for Verification

In light of these challenges, Moczadlo and his team have developed a set of strategies to assist HR professionals in identifying potentially fraudulent applications:

1. Scrutinize LinkedIn Profiles: Verify the account’s authenticity by checking the profile creation date and assessing the individual’s connections and endorsements.
2. Engage with Cultural Context: Pose questions that require local knowledge related to the candidate’s claimed upbringing, such as favorite local eateries or landmarks.
3. Prioritize In-Person Interactions: Whenever feasible, arrange face-to-face meetings, which remain one of the most effective methods to confirm identity.