Finding a job in today’s competitive market is difficult enough on its own. Still, with the rise of artificial intelligence, it’s becoming even more difficult. Hackers and scammers are leveraging generative AI tools, deepfake technology, and social engineering tools to attack job seekers. When successful, these AI scams can cause financial devastation and take a lasting emotional toll on victims.
How Hackers Are Using AI To Attack People Looking for Work
Back in the days when people used newspaper classified ads or pounded the pavement to look for a new job, the likelihood of encountering a fake listing or job offer was minimal. Now that almost all job seekers find openings online or via word-of-mouth, hackers have a golden opportunity to prey on unsuspecting, vulnerable, and sometimes desperate individuals.
Not only people looking for jobs can fall victim to AI scams. Criminals also use the information they gather from unsuspecting “applicants” to launch phishing attempts against businesses. The combined total of individual and business losses from these attacks reached over $500 million in 2023.
How are the cybercriminals launching these attacks? Several ways, including:
- Using generative AI tools to create fraudulent listings on popular employment platforms.
- Using AI to reach out to targeted individuals with fake job opportunities, tricking them into giving up sensitive data hackers can use in phishing attempts.
- Using AI tools to mimic formal job processes, including deepfake technology for “interviews.”
The goal of these attacks is to trick job seekers. Still, in some cases, they go after specific individuals at targeted companies.
Identifying Employment-Related AI Scams
Although fraudsters can launch AI scams against any industry, the primary targets are the healthcare, financial, and technology sectors. Most fake listings are for remote positions and often seem too good to be true, with unusually high salaries and generous benefits packages.
It’s not just the attractiveness of the job that gets people to respond, though. Cybercriminals use this approach because there’s inherent trust in the traditional job search process, which encourages people to give out information they might not otherwise. The criminals also prey on job seekers’ vulnerability; for many people who have had limited success in their search, getting any response can feel like a win and cause them to ignore red flags.
Even the most sophisticated AI scams often have red flags, too, like the traditional hallmarks of phishing attempts:
- Poor spelling and grammar.
- Unusual requests.
- A sense of urgency.
- Other similar signs.
A “job offer” that requires any payment is also a scam.
In response to the increase in attacks, many companies publish statements on their careers pages warning job hunters about the potential for scams and offering tips on avoiding remote job fraud and identity theft. Ultimately, everyone must perform due diligence on any job listing or offer to confirm its legitimacy and avoid becoming a victim.
