
Getting into the workforce: scammers have started sending deepfakes to job interviews

Fraudsters can use artificial intelligence and deepfakes to gain employment in companies under the guise of real employees, experts have warned. If fake candidates manage to pass all stages of interviews, they will have access to corporate data and can cause huge damage to organizations. Read more about the dangers of fraudulent schemes with deepfakes at job interviews in the Izvestia article.
How do fraudsters use deepfakes at job interviews?
The Polish company Vidoc Security Lab (VSL) reported that cyber fraudsters have started using artificial intelligence (AI) and deepfakes to get hired, pretending to be IT specialists. The company has twice identified fake candidates who had nevertheless successfully passed the preliminary stages of interviews.
One of the candidates caught the attention of VSL's founder because of a discrepancy between his accent and his stated country of origin. Suspicions were heightened after the switch to a video interview, when it became clear that the candidate's image looked unnatural: his facial and lip movements were delayed, and his face seemed superimposed on his body. Despite this, his answers sounded confident.
The situation was later repeated with another candidate who presented himself as a Serbian developer with nine years of experience and an extensive network of contacts. Although his resume looked convincing, his appearance and accent aroused suspicion during the video interview. The candidate refused to take the proposed test - and the interview was stopped.
"Remote employment under the identity of another person, created with the help of deepfake technology, potentially gives a criminal the opportunity to obtain accounts and other relevant information, which can significantly facilitate the task of penetrating the company's infrastructure to develop a further attack," says Lyudmila Gvozdeva, Head of Talent Acquisition at F.A.C.C.T., in a conversation with Izvestia.
What is the risk of interviews with deepfakes in Russian companies?
At the moment, there are not many high-profile cases in the world of attackers trying to use deepfakes at job interviews, says Dmitry Anikin, senior data scientist at Kaspersky Lab. According to the expert, the first such incidents were recorded back in 2022, when remote work began to gain popularity worldwide amid the COVID-19 pandemic.
"Companies need to understand the potential risks that arise with the development of new technologies and be prepared for them," the Izvestia interlocutor said.
Lyudmila Gvozdeva adds that the prospect of using deepfake technology in employment, given the rapid development of technology, is quite realistic for those companies in which the process of hiring employees can take place completely remotely. Taking into account the global nature of cybercrime and the rapid development of technologies for creating deepfakes, the emergence of such threats in Russia is only a matter of time, said Marina Probets, Internet analyst and expert at Gazinformservice.
According to the expert, Russian companies, especially those working with sensitive information, should take this potential attack vector into account and take preventive measures by improving candidate verification procedures and implementing protection systems capable of recognizing deepfakes. The lack of reported cases does not mean that the threat itself does not exist, but rather indicates its latent nature and the need for a proactive approach to security.
"It's worth noting that in Russian personal blogs you can already see stories about candidates using AI technologies to try to get a job without proper experience and knowledge," says Konstantin Gorbunov, a leading expert on network threats and web developer at Security Code. "However, so far it is primarily concerned with compiling a good and relevant resume, while identity fraud with the help of deepfake videos is used to a lesser extent."
What are the risks of deepfake interviews?
First of all, the risks of deepfakes appearing at job interviews exist for companies from those spheres that cybercriminals are actively attacking today, such as retail and online stores, medical organizations, educational centers, construction, pharmaceutical and IT companies, says Lyudmila Gvozdeva in a conversation with Izvestia.
"Companies with active recruiting of specialists, where completely remote employment is practiced without the need to visit the office, and later - completely remote work, without personal contact, periodic face-to-face meetings, joint events and so on," adds Konstantin Gorbunov.
Attackers are attracted to organizations where large amounts of personal data, financial information, trade secrets or intellectual property are stored, says Marina Probets. The higher the potential "benefit" from a hack, the more likely it is that a company will become a target for such attacks.
At the same time, according to the expert, fraudulent schemes with the "employment" of deepfakes pose a serious danger to companies. By gaining access to an organization's internal network, an attacker can steal confidential data, intellectual property, financial information, change security settings, introduce malware or sabotage the company's work.
"Unlike traditional cyberattacks, detecting such an 'employee' is difficult because they are formally part of the organization and have legitimate credentials," says Marina Probets. "This creates long-term risks and can cause significant damage to a company's reputation and financial well-being."
How to protect yourself from deepfakes in job interviews?
To protect against fraudulent schemes with deepfakes at job interviews, it is necessary, first of all, to build hiring processes in companies taking into account potential threats and to inform employees about new attack schemes, says Dmitry Anikin.
"Deepfake applicants can add to HR's work," says Nikita Leokumovich, head of digital forensics and cyberintelligence at Angara SOC, in a conversation with Izvestia. "After all, it is necessary not only to search for candidates on verified resources, but also to conduct a more thorough initial evaluation of questionnaires."
According to the expert, it is also important to ask for additional references and use open sources of information, in order to make sure that a potential employee really exists. Meanwhile, according to Lyudmila Gvozdeva, it is possible to identify an intruder using a deepfake already at the first interview, which is held in video format.
At this stage of the interview it is necessary to pay attention to indirect signs - the presence of a clear video image of the candidate, the absence of "lag" of facial expressions from speech, the absence of long pauses between the question and the answer, as well as the structure of the answer, says Konstantin Gorbunov. If the answer is completely borrowed from ChatGPT, it will rather resemble a report than demonstrate the candidate's knowledge based on his experience and examples from past jobs.
"The best defense against deepfakes at job interviews is face-to-face meetings where you can test hard and soft skills live," Maxim Buzinov, head of the R&D laboratory at the Cyber Security Technologies Center of Solar Group, adds.
If it is impossible to enroll an employee offline, it is necessary to start the hiring process in the services of legally significant document management (LSDO). In this way, the candidate will be able to sign their applications with an electronic signature, and the employer will be able to check its authenticity. It is much easier to obtain scans of documents than to forge an electronic signature, concludes Konstantin Gorbunov.