Just when you thought the world couldn’t get any stranger, it did. The FBI warns companies to be vigilant. Hackers create deep forgeries by using stolen identities to apply for remote jobs. Yes, you read that right. The warning was posted as a public service announcement on the Internet Crime Complaint Center.
The FBI explained how cybercriminals steal Americans’ personally identifiable information (PII) and apply for remote jobs. They then use deepfake videos to conduct online job interviews.
You probably have many, many questions at this point, as do I. Reading further, it starts to make some sense. Not being a criminal mastermind myself, I obviously had to try to put myself in one’s shoes to really see the cost-benefits of doing this.
“Remote or work-from-home positions identified in these reports include information technology and computer programming, database, and software-related positions.” The FBI post said. “Notably, some reported positions include access to personal customer information, financial data, company computer databases and proprietary information.”
Stolen information may include your social security number, driver’s license, or health insurance. Once they have access to it, it’s relatively easy. Hackers just use your name and address to start applying for jobs.
Cybercriminals can use deepfake videos and voice modifiers to complete the deception when asked for an interview. The AI involved only needs access to a single decent photo, such as a driver’s license or passport image to create the deepfake. However, it is not foolproof. Often, the audio just doesn’t match facial movements fully convincingly. This is especially true in live situations such as an interview where some spontaneity is required.
At first glance, it seems like a huge amount of work just to get a remote job. However, once you look at the possible payouts, they could be huge. Hackers hope to access secure information behind corporate firewalls. Once they have this information, they can steal information including passwords and credit card numbers.
Of course, we should all be aware that this type of technology is destined to be used for nefarious activities before long. It just becomes another thing we need to be aware of and continue to protect our personal information.
The FBI statement did not indicate whether any companies are compromised in this way.
[Via Digital Trends]