Just when you thought the world couldn’t get any weirder, it just did. The FBI is warning companies to be vigilant. Hackers are creating deep fakes using stolen identities to apply for remote jobs. Yes, you read that correctly. The warning was posted as a public service announcement on the Internet Crime Complaint Center.
The FBI explained how cybercriminals are stealing Americans’ personal identifiable information (PII) and applying for remote jobs. They then use deepfake videos to pass online job interviews.
You probably have many, many questions at this point, as did I. Reading further into it, it does begin to make some sense. Not being a criminal mastermind myself, I obviously had to try to put myself in the shoes of one to really see the cost-benefits of doing this.
“The remote work or work-from-home positions identified in these reports include information technology and computer programming, database, and software-related job positions.” The FBI post said. “Notably, some reported positions include access to customer PII, financial data, corporate IT databases and proprietary information.”
The stolen information can include your social security number, driver’s license, or health insurance. Once they have access to this, it’s relatively easy. The hackers just use your name and address to begin applying for jobs.
Cybercriminals can use deepfake videos and voice modifiers to complete the deception when invited to an interview. The AI involved only needs access to one decent photo, such as a driver’s licence or passport image to create the deepfake. However, it’s not infallible. Often the audio just doesn’t quite match up with the facial movements in a completely convincing way. This is especially true in live situations such as an interview where some spontaneity is required.
On first inspection, it seems like an awful lot of work just to get a remote job. However, once you look at the possible gains, they could be enormous. Hackers are hoping to gain access to information secured behind corporate firewalls. Once they have that information, they can steal information, including passwords and credit card numbers.
Of course, we should all be aware that this sort of technology is bound to be used for nefarious activity before long. It simply becomes yet another thing we need to be aware of, and continue to keep our personal information safe.
The FBI release did not state if any companies are compromised in this way.
[Via Digital Trends]