June 29 — In a new public service announcement, the FBI has warned employers not to fall for fraudulent job applications on behalf of remote jobs.
According to the FBI, voice spoofing and stolen personal information have been used to deceive managers into moving applications through the hiring pipeline.
Deepfakes and job applications
Deepfakes have even been used in job interviews. In the interviews, the facial movements of the individual, as shown on-camera, do not fully correspond to the audio of the persons speaking. Actions such as sneezing or coughing, or other auditory actions are not aligned with what is visually presented.
Scammers and work-from-home roles
These scammers are motivated by the prospect of ‘working’ for an employer who will give them access to sensitive customer and corporate information. Ultimately, these scammers aim to sell or use the information for nefarious intent and financial gain.
Positions applied for
In some of these incidents, cyber criminals have applied for positions that include access to customer PII, financial data, corporate IT databases and/or proprietary information. Employers held up red flags during background checks, which revealed that the scammers’ submitted personal information actually belonged to someone else.
Earlier this year, the FBI released a warning pertaining to scammers using video conferencing platforms to launch business email compromise (BEC) attacks. In this instance, malicious emails compromised inboxes belonging to CEOs and fake meeting invites were distributed to employees.
Once on the virtual meeting platform, the ‘CEO’ would claim that the video camera wasn’t working properly. Attendees then heard a deepfake audio encouraging them to make a large bank transfer.
For more on this story, visit Infosecurity Magazine. In addition, get more info about BEC scams through CyberTalk’s whitepaper collection.
Lastly, to receive cutting-edge cyber security news, exclusive interviews, expert analyses and security resources, please sign up for the CyberTalk.org newsletter.