As U.S. companies hire for remote positions, they face a growing threat from fraudsters using AI tools to create fake identities and credentials. These fake employees then use their company access to cause havoc with malware.
CNBC reports that the rise of artificial intelligence has brought numerous benefits to businesses, but it has also introduced a new challenge: fake job seekers using AI to deceive employers. According to recent reports from tech CEOs and cybersecurity experts, U.S. companies hiring for remote positions are being flooded with applications from impostors using AI-generated photo IDs, employment histories, and interview responses.
Vijay Balasubramaniyan, CEO and co-founder of voice authentication startup Pindrop Security, recently encountered a fraudulent candidate dubbed “Ivan X.” The applicant, a Russian coder, seemed to have all the right qualifications for a senior engineering role. However, during a video interview, Pindrop’s recruiter noticed that Ivan’s facial expressions were slightly out of sync with his words, indicating the use of deepfake software.
Research and advisory firm Gartner predicts that by 2028, 1 in 4 job candidates globally will be fake due to the rise of AI-generated profiles. This poses significant risks to companies, as impostors can install malware, demand ransom, steal customer data, trade secrets, or funds once hired.
Breitbart News previously reported on this issue in October last year, writing:
North Korean engineers are using artificial intelligence and other technologies to fool foreign governments and corporations, landing overseas jobs and earning U.S. dollars to fund the regime of Kim Jong-un, the Asian Nikkei Review reported Thursday.
According to Nikkei, U.S. facilitators are aiding the Pyongyang regime in earning foreign currency to fund weapons programs. The newspaper referenced the case of Matthew Isaac Knoot, a 38-year-old man from Nashville, Tennessee, who ran a “laptop farm” with the intent to generate revenue for North Korea’s weapons program.
Knoot used the equipment and stolen identities to deceive American and British companies into hiring North Korean individuals pretending to be remote U.S. IT workers, laundering the proceeds from the remote IT jobs to accounts linked to both North Korean and Chinese actors. According to the Attorney’s Office for the Middle District of Tennessee, the “laptop farm” operation yielded revenues of over $250,000 between July 2022 and August 2023 per each false worker.
Cybersecurity and cryptocurrency firms appear to be particularly vulnerable to this threat, as they often hire for remote roles. Ben Sesser, CEO of BrightHire, a company that helps corporate clients assess prospective employees in video interviews, has seen a “massive” increase in fraudulent job candidates this year.
The issue is not confined to the tech industry. In May, the U.S. Department of Justice alleged that more than 300 U.S. firms, including Fortune 500 companies, had inadvertently hired impostors with ties to North Korea for IT work. These workers used stolen American identities and remote networks to mask their true locations, sending millions of dollars in wages to North Korea to help fund the nation’s weapons program.
Lili Infante, founder and chief executive of CAT Labs, a startup at the intersection of cybersecurity and cryptocurrency, reports receiving applications from “100 North Korean spies” every time they list a job posting. To combat this, companies are turning to identity-verification firms to weed out fake candidates.
Read more at CNBC here.
Lucas Nolan is a reporter for Breitbart News covering issues of free speech and online censorship.
