The FBI warns that cyberattackers are using stolen Personal Identifiable Information (PII) and deepfakes to apply for remote work positions. The announcement states that the deepfakes used in online interviews include convincingly altered videos or images.
Targeted remote jobs include technology positions that can allow attackers to gain confidential information after they have been hired.
“The remote work or work-from-home positions identified in these reports include information technology and computer programming, database, and software-related job functions. Notably, some reported positions include access to customer PII, financial data, corporate IT databases and/or proprietary information,” the FBI said.
Compromised users whose stolen PII was used to apply for remote jobs claimed pre-employment background checks information was utilized with other applicants’ profiles.
The FBI asked compromised users and organizations to report such activity through the IC3 platform and insert information that would help identify the fraudsters behind the attempts, such as IP or email addresses, phone numbers or names.
The sources for this piece include an article in BleepingComputer.