The FBI issued a warning that a rising number of scammers are using deepfake technology to impersonate job candidates during interviews for remote positions.
In a public service announcement released on June 28, the FBI Internet Crime Complaint Center (IC3) says that they had seen an increase in the number of complaints about the scam which sees people, using both deepfake videos and stolen personal identification information, to dupe employers into hiring them for remote jobs.
The deepfake videos include a video image or recording convincingly manipulated to misrepresent someone as the “applicant” in interviews for jobs that can be performed remotely.
“Applicants” who used voice spoofing techniques in their interviews could be detected due to various sync mismatches, where lip movement did not match what was being said during video calls.
The #FBI has noticed an increase in complaints about the use of deepfakes and stolen personally identifiable information to apply for a variety of remote work positions. Check out our Public Service Announcement at https://t.co/DE88T7QxXI to learn more. #ReportTheCompromise pic.twitter.com/oTtVx4K4f6
— FBI (@FBI) June 28, 2022
“Complaints report the use of voice spoofing, or potentially voice deepfakes, during online interviews of the potential applicants. In these interviews, the actions and lip movement of the person seen interviewed on-camera do not completely coordinate with the audio of the person speaking. At times, actions such as coughing, sneezing, or other auditory actions are not aligned with what is presented visually,” says the FBI in the announcement.
The FBI didn’t state the scammer’s end goal. But the agency noted that the complaints were tied to remote tech roles in “information technology and computer programming, database, and software” that would have granted successful candidates access to sensitive data, such as “customer PII (Personally Identifiable Information), financial data, corporate IT databases and/or proprietary information.”
According to the FBI, some victims of the scam reported that their stolen PII had been used to apply for a remote job and that their identities were being used for pre-employment background checks with other applicants’ profiles.
The FBI asked victims, including companies who have received deepfakes during the interview process, to report this activity via the IC3 platform and to include information that would help identify the cyber-criminals behind the attempts such as IP or email addresses, phone numbers, or names provided.
Deepfakes scams are on the rise. Last month, cyber-scammers posted deep-faked videos of Elon Musk on YouTube with the purpose of defrauding unsuspecting victims.
Image credits: Header photo licensed via Depositphotos.