The FBI has issued a warning that, in an attempt to gain access to sensitive data at organisations, crooks are using deepfake video when applying for remote working-at-home jobs.
The FBI’s Internet Crime Complaint Center (IC3) says there has been an increase in reports that deepfake video and audio is being used by criminals when applying for positions that involve access to personal identifiable information (PII), financial data, corporate IT databases, and proprietary information.
According to the warning, the fraudsters can also use stolen PII when applying for remote positions, perhaps to skirt around pre-employment background checks.
In the advisory, the IC3 explains that there can be tell-tale clues that the video call may be deepfaked:
Complaints report the use of voice spoofing, or potentially voice deepfakes, during online interviews of the potential applicants. In these interviews, the actions and lip movement of the person seen interviewed on-camera do not completely coordinate with the audio of the person speaking. At times, actions such as coughing, sneezing, or other auditory actions are not aligned with what is presented visually.
Individuals or companies who identify that deepfake technology is being used by someone applying for a job are advised to report it to the IC3.Companies or victims who identify this type of activity should report it to the IC3.
For more on the problems that could be caused by Zoom deepfakes, including an example where a deepfaked Elon Musk joined a video call, listen to this episode of the “Smashing Security” podcast from 2020:
Smashing Security #175: 'Zoom deepfakes, Zardoz, and 'Rona tracing'
Listen on Apple Podcasts | Google Podcasts | Pocket Casts | Spotify | Other... | RSS
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.