Few topics are as important as IT security. Hacking, internet based scams and cybercrimes, such as ransomware attacks, pose a serious threat to individuals as well as businesses.
Criminals seized the opportunity presented by pandemic lockdowns. The online shopping boom, vaccination programs, test and trace, and government financial support schemes all combined to produce a fraudster’s bonanza.
The threat is complex. From fake Facebook accounts that attempt to spread incorrect news and information, through to phishing scams that attempt to gain bank details, the methods and aims of hackers and cybercriminals vary enormously.
One of the most worrying techniques is the use of ‘deepfake’ technology. The term ‘deepfake’ is a combination and contraction of the words ‘deep learning’ and ‘fake’. This is a form of AI-based technology that allows the creation or alteration of images, audio, and video. This enables the invention of false content that may appear to be real.
Some of the most well-known examples have been used as internet click bait, featuring politicians or public figures such as Barack Obama, Donald Trump, Mark Zuckerberg and Nancy Pelosi, presenting invented content. Most are obvious spoofs, and are easy to identify.
However, the technology is advancing fast and this means that there is a significant potential to misuse deepfake technology for malign purposes.
To facilitate fraud within businesses, one example could be to issue fraudulent payment instructions to the finance team by replicating the voice of the finance chief over the phone. Or a more advanced version of the technology could insert a fake line into a CEO’s keynote or other newsworthy event.
The word of business or political leaders can be highly influential. Billionaire Elon Musk wiped hundreds of millions off the value of Bitcoin simply by declining to accept the cryptocurrency as payment for Tesla cars. The potential for deepfake misuse is really only limited by the imagination.
The increasing sophistication of deepfake technology is running in parallel with the increasing capability and proliferation of recruitment technology. At the heart of any con involving deepfakes is the question of identity. Identity theft and impersonation are critical factors in many frauds.
One strong RecTech trend is for the use of video as part of the candidate search and selection process. Deepfake video interviews are one possible misuse of the technology, but the question is why would someone go to the trouble?
If the motive is financial fraud, then an applicant’s interview for a remote worker role could be spoofed and supported with deepfake technology. This might enable a deepfake fraudster to impersonate a real person and hide their own identity to gain insider access to an organisation’s IT and commercial systems. Inside the organisation they could hijack payroll or accounts payable processes, or perhaps even execute a more sophisticated fraud.
Another potential threat is not so much to the recruitment process, but to the HR function in general. Harassment or sabotaging of an employee’s private or professional reputation is another potential way that deepfakes could be misused.
For example, a manager’s authority could be undermined by using deepfakes to suggest incompetence or malpractice. Or, imagine damaging mobile phone footage emerging during a race for promotion which destroyed the reputation of one of the candidates?
At the moment, the threat from deepfake technology to recruitment and businesses is tangible, but it is also widely held to be negligible. However, it is serious enough for Accenture to have defined how businesses should respond to the growing threat from deepfakes.
Hackers, cybercriminals and fraudsters seem to be limitless in their ability to concoct ways to fool us and use our human behaviours against us. They are constantly testing and developing their techniques. It is likely that the threat to the recruitment process or to the HR function from deepfakes is going to evolve and it is one the industry needs to keep an eye on.
The history of technological advancement shows us that once the genie is out of the bottle, you can’t put it back in. Deepfake is here to stay. The benevolent and ethical use a technology is always going to be accompanied by its use for malevolent and unethical purposes.
ETZ secures you data and timesheet, invoicing and payment processes to IT industry information security standards, while streamlining your back office and integrates your other favourite applications for accounting.
Whatever path RecTech and the recruitment industry follows, you can be sure ETZ will be there to make sure you get the right solutions and advice. To find out more about how we help agencies like yours to get the best value from RecTech, call us on 0800 311 2266 or book a demo.
Boosting operational efficiency in the recruitment back office The back office of a recruitment agency plays a pivotal role in...Read more
Does ‘thought readership’ have a place in recruitment? In recruitment, in the battle for audience engagement, just like any other...Read more
Mastering RecTech determines your level of success The operating environment is dynamic and fast-moving. The opposition is aggressive and hungry...Read more
See what ETZ could do for your agency with an online demo
Save hassle, time and money with our powerful software.Book a Demo