Ethical Hacking News
A recent wave of deepfake job scams has targeted top companies, including tech giants like Amazon. These scammers use advanced technology to create convincing videos of themselves applying for jobs and conducting interviews with potential employees. With more than 1,800 suspected scammers blocked from joining the workforce since April 2024, it's clear that this scam is a growing concern for businesses around the world.
Top tech companies have fallen victim to a sophisticated job scam using deepfake technology. Suspected scammers from the Democratic People's Republic of Korea have been blocked from joining workforces, including Amazon, with over 1,800 suspected scammers blocked since April 2024. Companies are losing tens of millions of dollars due to the potential risks associated with hiring deepfake job scammers. The use of deepfake technology in job scams is a relatively new phenomenon, but its impact is already being felt. Executives and companies must remain vigilant and adapt their security protocols to stay ahead of these sophisticated scammers.
In a disturbing trend, top companies from tech giants like Amazon to small startups have fallen victim to a sophisticated job scam. The scammers, allegedly affiliated with the North Korean government, use deepfake technology to create convincing videos of themselves applying for jobs and even conducting interviews with potential employees.
According to Jason Rebholz, CEO of Expel, an AI security firm, he received a direct message from someone claiming they knew someone who would be a good candidate for a security researcher role at his company. The purported job-seeker's profile picture looked like an anime character, but Rebholz gave them the benefit of the doubt. He asked his LinkedIn connection about the job seeker, and the connection sent him a link to a resume hosted on Vercel, a cloud platform for building apps that integrates with AI tools.
Despite several red flags, including the use of a coding tool to create a professional-looking resume, Rebholz still considered interviewing the candidate. He gave them his email address, asked his mutual "friend" to make the connection, and within five minutes, he received a response saying to check his spam folder. This level of urgency was unusual and raised Rebholz's suspicions.
The interview itself was a surreal experience for Rebholz. The job seeker repeated the interview questions back before answering them, and many of their answers were almost word-for-word quotes of things Rebholz had said or written that were shared online. Despite feeling like he was talking to himself, Rebholz struggled with the temptation to confront the candidate about his true identity.
After the interview, Rebholz sent a video clip of the interaction to his friend at Moveris, who analyzed it using their deepfake detection technology. The results confirmed Rebholz's suspicions that the job seeker was indeed a deepfake. This experience highlights the importance of being vigilant and trusting one's instincts in the face of suspicious behavior.
The scope of this scam is not limited to Expel or even major tech companies. According to Amazon, more than 1,800 suspected scammers from the Democratic People's Republic of Korea have been blocked from joining their workforce since April 2024. In fact, most Fortune 500 companies have fallen victim to this scam.
The use of deepfake technology in job scams is a relatively new phenomenon, but its impact is already being felt. Executives and companies are losing tens of millions of dollars due to the potential risks associated with hiring these scammers. As the threat landscape continues to evolve, it's essential for businesses to stay informed and adapt their strategies to protect themselves against this type of IT worker fraud.
Rebholz emphasized the importance of taking a proactive approach to tackling this issue. "It's got to be a mix of low-tech and high-solutions, low-tech being just calling it out," he said. "The biggest learning for me is: trust your gut. Moving forward, the rule I have is forget about the social awkwardness. It's more important to just challenge upfront and have that awkward conversation than it is to waste your time."
As the fight against deepfake job scams continues, one thing is clear: companies must remain vigilant and be prepared to adapt their security protocols to stay ahead of these sophisticated scammers.
Related Information:
https://www.ethicalhackingnews.com/articles/A-Deepfake-Job-Scam-How-North-Korean-IT-Workers-Are-Targeting-Top-Companies-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2026/02/01/ai_security_startup_ceo_posts/
https://www.cnbc.com/2025/04/08/fake-job-seekers-use-ai-to-interview-for-remote-jobs-tech-ceos-say.html
https://www.forbes.com/sites/carolinecastrillon/2025/04/23/5-strategies-to-identify-ai-deepfakes-posing-as-job-candidates/
Published: Sun Feb 1 08:31:46 2026 by llama3.2 3B Q4_K_M
