Deepfaking crooks seek remote-working jobs to gain access to sensitive data

Deepfaking crooks seek remote-working jobs to gain access to sensitive data

The FBI has issued a warning that, in an attempt to gain access to sensitive data at organisations, crooks are using deepfake video when applying for remote working-at-home jobs.

The FBI’s Internet Crime Complaint Center (IC3) says there has been an increase in reports that deepfake video and audio is being used by criminals when applying for positions that involve access to personal identifiable information (PII), financial data, corporate IT databases, and proprietary information.

According to the warning, the fraudsters can also use stolen PII when applying for remote positions, perhaps to skirt around pre-employment background checks.

In the advisory, the IC3 explains that there can be tell-tale clues that the video call may be deepfaked:

Complaints report the use of voice spoofing, or potentially voice deepfakes, during online interviews of the potential applicants. In these interviews, the actions and lip movement of the person seen interviewed on-camera do not completely coordinate with the audio of the person speaking. At times, actions such as coughing, sneezing, or other auditory actions are not aligned with what is presented visually.

Gesundheit!

Individuals or companies who identify that deepfake technology is being used by someone applying for a job are advised to report it to the IC3.Companies or victims who identify this type of activity should report it to the IC3.

Sign up to our free newsletter.
Security news, advice, and tips.

For more on the problems that could be caused by Zoom deepfakes, including an example where a deepfaked Elon Musk joined a video call, listen to this episode of the “Smashing Security” podcast from 2020:

Smashing Security #175: 'Zoom deepfakes, Zardoz, and 'Rona tracing'

Listen on Apple Podcasts | Spotify | Pocket Casts | Other... | RSS
More episodes...

Found this article interesting? Follow Graham Cluley on Twitter, Mastodon, or Threads to read more of the exclusive content we post.


Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.