FBI Tells Employers To Beware Of Deepfakes And Stolen IDs During Remote Job Interviews
Bad actors are using deepfakes and stolen Personally Identifiable Information (PII) to apply primarily for "information technology and computer programming, database, and software related" remote or work-from-home positions. These positions would grant them access to “customer PII, financial data, corporate IT databases and/or proprietary information.” Victims whose information was stolen for this purpose have reported that their information has been used in pre-employment background checks for jobs they have not applied for.
How exactly are these bad actors using these deepfakes? The deepfakes are being utilized during online interviews. According to the FBI, “the actions and lip movement of the person seen interviewed on-camera do not completely coordinate with the audio of the person speaking.” There have even been moments when the employer would hear the interviewee cough or sneeze but nothing would happen on screen.
It is unclear who is behind these scams and the FBI does not provide any additional information. However, the FBI requests that companies or victims report suspicious activity to IC3. These reports should include any relevant information such as IP or email addresses, phone numbers, or names.
Deepfakes have increasingly become more common as artificial intelligence evolves. Many have been concerned that AI tools could be used for criminal purposes and have warned against their use and development. Microsoft even limited access to their facial recognition and Custom Neural Voice tools due partly to fears that they could be misused.
The FBI has been quite busy over the last few months. The FBI and IRS recently seized the SSNDOB marketplace. The marketplace was selling the personal information of over 24 million Americans and making more than $19 million USD in sales revenue. The FBI and IRS were also assisted by authorities in other countries such as Latvia and Cyprus where the website was active.