IC3 issues warning on deepfake use in remote work applications

Image from Pixabay

The Federal Bureau of Investigation (FBI)'s Internet Crime Complaint Center (IC3) issued a warning on the use of deepfakes and stolen personally identifiable information (PII) by individuals attempting to earn remote work positions.

According to the warning, jobs in the information technology (IT) field are being targeted by the fraudulent activity, as well as positions related to software and database management and computer programming.

Complaints submitted to IC3 noted tactics such as voice spoofing or potential voice deepfakes being used during online interviews with job candidates. Stolen PII was also used by some applicants to attempt to gain a remote position. Stolen PII was intercepted during the pre-employment background check stage of the job applications, according to a complaint.

The fraudulent applications may represent an effort to gain employee access to corporate networks. As the deepfakes and stolen PII tactics have been targeting roles with significant access privileges to enterprise systems, security teams should watch for insider threats within their networks. Security and HR teams can collaborate to identify fraudulent job applications and prevent an insider threat from escalating to a cyberattack.

Madeline Lauver is the Editor in Chief of Security magazine. Lauver joined Security in 2021 as its Assistant Editor, and she covers news affecting enterprise security leaders, including physical security, cybersecurity, leadership and management, risk and resilience and more. Within her role at Security, Lauver focuses on news articles, web exclusives, features and several departments for Security’s monthly digital edition, as well as managing social media and multimedia content. Lauver graduated in 2019 with a B.A. in English, German and Media Studies from Kalamazoo College.

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.