https://www.bleepingcomputer.com/news/security/fbi-stolen-pii-and-deepfakes-used-to-apply-for-remote-tech-jobs/ BleepingComputer.com logo * * * [ ] [Login] [Sign up] * * * [ ] [Login] [Sign up] * News + Featured + Latest + FBI: Stolen PII and deepfakes used to apply for remote tech jobs FBI: Stolen PII and deepfakes used to apply for remote tech jobs + Raccoon Stealer is back with a new version to steal your passwords Raccoon Stealer is back with a new version to steal your passwords + Over 900,000 Kubernetes instances found exposed online Over 900,000 Kubernetes instances found exposed online + New Firefox privacy feature strips URLs of tracking parameters New Firefox privacy feature strips URLs of tracking parameters + Windows 10 KB5014666 update brings new printing features, bug fixes Windows 10 KB5014666 update brings new printing features, bug fixes + Evilnum hackers return in new operation targeting migration orgs Evilnum hackers return in new operation targeting migration orgs + New Firefox privacy feature strips URLs of tracking parameters New Firefox privacy feature strips URLs of tracking parameters + Microsoft 365 now prevents data leaks with new session timeouts Microsoft 365 now prevents data leaks with new session timeouts * Downloads + Latest + Most Downloaded + Qualys BrowserCheck Qualys BrowserCheck + STOPDecrypter STOPDecrypter + AuroraDecrypter AuroraDecrypter + FilesLockerDecrypter FilesLockerDecrypter + AdwCleaner AdwCleaner + ComboFix ComboFix + RKill RKill + Junkware Removal Tool Junkware Removal Tool * Virus Removal Guides + Latest + Most Viewed + Ransomware + How to remove the PBlock+ adware browser extension How to remove the PBlock+ adware browser extension + Remove the Toksearches.xyz Search Redirect Remove the Toksearches.xyz Search Redirect + Remove the Smashapps.net Search Redirect Remove the Smashapps.net Search Redirect + Remove the Smashappsearch.com Search Redirect Remove the Smashappsearch.com Search Redirect + Remove Security Tool and SecurityTool (Uninstall Guide) Remove Security Tool and SecurityTool (Uninstall Guide) + How to remove Antivirus 2009 (Uninstall Instructions) How to remove Antivirus 2009 (Uninstall Instructions) + How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo + How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller + Locky Ransomware Information, Help Guide, and FAQ Locky Ransomware Information, Help Guide, and FAQ + CryptoLocker Ransomware Information Guide and FAQ CryptoLocker Ransomware Information Guide and FAQ + CryptorBit and HowDecrypt Information Guide and FAQ CryptorBit and HowDecrypt Information Guide and FAQ + CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ * Tutorials + Latest + Popular + How to open a Windows 11 Command Prompt as Administrator How to open a Windows 11 Command Prompt as Administrator + How to make the Start menu full screen in Windows 10 How to make the Start menu full screen in Windows 10 + How to install the Microsoft Visual C++ 2015 Runtime How to install the Microsoft Visual C++ 2015 Runtime + How to open an elevated PowerShell Admin prompt in Windows 10 How to open an elevated PowerShell Admin prompt in Windows 10 + How to start Windows in Safe Mode How to start Windows in Safe Mode + How to remove a Trojan, Virus, Worm, or other Malware How to remove a Trojan, Virus, Worm, or other Malware + How to show hidden files in Windows 7 How to show hidden files in Windows 7 + How to see hidden files in Windows How to see hidden files in Windows * Deals + Categories + eLearning eLearning + IT Certification Courses IT Certification Courses + Gear & Gadgets Gear + Gadgets + Security Security * Forums * More + Startup Database + Uninstall Database + File Database + Glossary + Chat on Discord + Send us a Tip! + Welcome Guide * Home * News * Security * FBI: Stolen PII and deepfakes used to apply for remote tech jobs * * FBI: Stolen PII and deepfakes used to apply for remote tech jobs By Sergiu Gatlan * June 28, 2022 * 10:41 AM * 0 Deepfake The Federal Bureau of Investigation (FBI) warns of increasing complaints that cybercriminals are using Americans' stolen Personally Identifiable Information (PII) and deepfakes to apply for remote work positions. Deepfakes (digital content like images, video, or audio) are sometimes generated using artificial intelligence (AI) or machine learning (ML) technologies and are difficult to distinguish from authentic materials. Such synthetic content has been previously used to spread fake news and create revenge porn, but the lack of ethical limitations regarding their use has always been a source of controversy and concern. The public service announcement, published on the FBI's Internet Crime Complaint Center (IC3) today, adds that the deepfakes used to apply for positions in online interviews include convincingly altered videos or images. The targeted remote jobs include positions in the tech field that would allow the malicious actors to gain access to company and customer confidential information after being hired. "The remote work or work-from-home positions identified in these reports include information technology and computer programming, database, and software-related job functions," the FBI said. "Notably, some reported positions include access to customer PII, financial data, corporate IT databases and/or proprietary information." Video deepfakes are easier to detect While some of the deepfake recordings used are convincing enough, others can be easily detected due to various sync mismatches, mainly spoofing the applicants' voices. "Complaints report the use of voice spoofing, or potentially voice deepfakes, during online interviews of the potential applicants," the US federal law enforcement agency added. "In these interviews, the actions and lip movement of the person seen interviewed on-camera do not completely coordinate with the audio of the person speaking. At times, actions such as coughing, sneezing, or other auditory actions are not aligned with what is presented visually." Some victims who reported to the FBI that their stolen PII was used to apply for a remote job also said pre-employment background checks information was utilized with other applicants' profiles. The FBI asked victims (including companies who have received deepfakes during the interview process) to report this activity via the IC3 platform and to include information that would help identify the crooks behind the attempts (e.g., IP or email addresses, phone numbers, or names). In March 2021, the FBI also warned in a Private Industry Notification (PIN) [PDF] that deepfakes (including high-quality generated or manipulated video, images, text, or audio) are getting more sophisticated by the day and will likely be leveraged broadly by foreign adversaries in "cyber and foreign influence operations." Europol also warned in April 2022, that deepfakes could soon become a tool that cybercrime organizations will use on a regular basis in CEO fraud, to tamper with evidence, and to create non-consensual pornography. Related Articles: US govt: Paying Karakurt extortion ransoms won't stop data leaks FBI warns of Ukrainian charities impersonated to steal donations Google quietly bans deepfake training projects on Colab Cybersecurity agencies reveal top initial access attack vectors FBI, CISA, and NSA warn of hackers increasingly targeting MSPs * Deep Fake * Deepfake * FBI * IC3 * Interview * PII * Warning * * * * * Sergiu Gatlan Sergiu Gatlan is a reporter who covered cybersecurity, technology, Apple, Google, and a few other topics at Softpedia for more than a decade. Email or Twitter DMs for tips. * Previous Article * Next Article Post a Comment Community Rules You need to login in order to post a comment [Login] Not a member yet? Register Now You may also like: [INS::INS] [Bleeping-Computer-FinServ-2022] Popular Stories * Phishing Clever phishing method bypasses MFA using Microsoft WebView2 apps * LockBit Fake copyright infringement emails install LockBit ransomware Newsletter Sign Up To receive periodic updates and news from BleepingComputer, please use the form below. [ ] [Submit] Newsletter Sign Up [ ] [Submit] * Follow us: * * * * Main Sections * News * Downloads * Virus Removal Guides * Tutorials * Startup Database * Uninstall Database * File Database * Glossary Community * Forums * Forum Rules * Chat Useful Resources * Welcome Guide * Sitemap Company * About BleepingComputer * Contact Us * Send us a Tip! * Advertising * Write for BleepingComputer * Social & Feeds * Changelog Terms of Use - Privacy Policy - Ethics Statement Copyright @ 2003 - 2022 Bleeping Computer^(r) LLC - All Rights Reserved Login Username [ ] Password [ ] [*] Remember Me [ ] Sign in anonymously [Login] Sign in with Twitter button Sign in with Twitter --------------------------------------------------------------------- Not a member yet? Register Now Reporter Help us understand the problem. What is going on with this comment? * ( )Spam * ( )Abusive or Harmful * ( )Inappropriate content * ( )Strong language * ( )Other [ ] * [ ] Read our posting guidelinese to learn what content is prohibited. Submitting... SUBMIT