Criminals use deepfake videos to interview for remote work

Security experts are on the lookout for the next evolution of corporate social engineering: deepfake job interviews. The latest trend offers a glimpse into the future arsenal of criminals who use persuasive rigged personas against business users to steal data and commit fraud.

The concern follows a new advisory issued this week by the FBI’s Internet Crime Complaint Center (IC3), which warned of increased activity by fraudsters trying to thwart the online interview process for remote workstations. The notice says criminals are using a combination of deepfake videos and stolen personal data to misrepresent themselves and get jobs in a range of home-based jobs that include information technology, computer programming , database maintenance and professional functions related to software.

Federal law enforcement officials said in the notice that they had received a flurry of complaints from businesses.

“In these interviews, the actions and lip movement of the person seen being interviewed on camera do not completely coordinate with the audio of the person speaking,” the notice said. “Sometimes actions such as coughing, sneezing, or other auditory actions are not aligned with what is presented visually.”

Complaints also noted that criminals used stolen personally identifiable information (PII) in conjunction with these fake videos to better impersonate candidates, with subsequent background checks unearthing discrepancies between the interviewee and the identity presented in the interview. nomination.

Potential Reasons for Deepfake Attacks

While the advisory did not specify the motives for these attacks, it did note that the positions these fraudsters applied for were those with some level of company access to sensitive data or systems.

Thus, security experts believe that one of the most obvious purposes of deep tampering with a remote interview is to enable a criminal to infiltrate an organization for anything from spying on ordinary flight business.

“Notably, some flagged positions include access to customers’ personal information, financial data, company computer databases and/or proprietary information,” the notice said.

“A fraudster who snags a remote job takes a giant leap forward in stealing the organization’s data crown jewels or locking it down for ransomware,” says Gil Dabah, co-founder and CEO of Piiano. “Now they are an insider threat and much harder to detect.”

Additionally, short-term spoofing could also be a way for candidates with a “tainted personal profile” to pass security checks, says DJ Sampath, co-founder and CEO of Armorblox.

To read the full article, visit Dark Reading.

Comments are closed.