The Rise of Fake Candidates Isn’t a Theory Anymore — It’s Happening Right Now

If you’re in recruiting, talent, or leadership and you still think “fake candidates” are edge cases… you’re already behind.

This isn’t just resume fraud or someone stretching their experience.

This is organized, global, and in some cases… state-backed.

Recent reporting shows that North Korean operatives are actively posing as American tech workers, stealing LinkedIn identities, passing interviews, and getting hired into real companies.

Let that sink in.

They’re not just applying.

They’re getting offers.

They’re getting access.

What’s Actually Happening

This isn’t random spam—it’s a system.

Here’s how it typically plays out:

  • Stolen or cloned LinkedIn profiles with real work history

  • AI-generated headshots, resumes, and even deepfake interviews

  • Use of U.S.-based “helpers” to pass background checks or host company laptops

  • Remote roles (especially engineering) targeted aggressively

  • Once hired → access to internal systems, codebases, customer data

In some cases, companies don’t realize what happened until months later—after data is already compromised.

And this is not small scale.

  • Hundreds of U.S. companies have already been impacted

  • Millions of dollars have been funneled through these schemes

  • Some reports estimate tens of thousands of fake IT workers globally

This is what happens when remote work + AI + weak identity verification collide.

The Scariest Part? They Look Legit

These aren’t obvious fake profiles.

They:

  • Copy real people’s LinkedIn accounts

  • Use legitimate company experience

  • Have endorsements, activity, even mutual connections

  • Show up polished, responsive, and technically competent

Some even pass coding interviews and perform on the job—while quietly creating backdoors or extracting data.

This is not a “bad candidate” problem.

It’s a security problem disguised as hiring.

Where Companies Are Getting Burned

Most teams aren’t losing because they’re careless.

They’re losing because their process wasn’t built for this level of sophistication.

Common gaps:

  • Fully remote hiring with no identity verification

  • Over-reliance on LinkedIn profiles as truth

  • No validation of location or device access

  • No coordination between recruiting and security teams

  • Treating hiring as HR… not as a potential attack vector

If your hiring process ends at “offer accepted,” you’re exposed.

How to Protect Your Company (Without Slowing Hiring to a Crawl)

You don’t need to become paranoid—but you do need to level up.

Here’s what actually works:

1. Add Friction Where It Matters

  • Require live video interviews (not just async or audio)

  • Watch for deepfake tells (lag, lighting inconsistencies, voice mismatch)

  • Ask candidates to move or interact naturally on camera

2. Validate Identity Beyond LinkedIn

  • Cross-check email domains (personal vs. corporate history)

  • Ask candidates to confirm past employers via official channels

  • Use references you source—not just ones provided

3. Use “Proof of Presence” Tactics

  • Ship equipment only after verification

  • Require IP consistency during onboarding

  • Flag logins from unexpected geographies immediately

4. Tighten Access on Day 1

  • Least-privilege access (no broad permissions early)

  • Monitor unusual behavior (downloads, repo cloning, off-hours access)

  • Treat new hires like privileged users—not default trusted
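
Items 3 and 4 above describe checks that can be automated. The sketch below is an added example (not from the original post) that runs them over constructed log lines: it flags logins that break the onboarding IP or geography baseline, off-hours logins, and bulk repo cloning. The baseline fields, event format, clone threshold, and user name are all assumptions.

```python
from collections import Counter
from datetime import datetime

# Constructed onboarding baseline, recorded when identity was verified and
# the laptop was shipped. Field names are hypothetical.
BASELINE = {
    "nhire01": {"country": "US", "ips": {"203.0.113.10"}, "hours": range(8, 19)},
}
CLONE_LIMIT = 3  # assumed threshold: repo clones per user per day

# Constructed events: timestamp user action source_ip geo_country target
# Timestamps are assumed to be in the hire's stated local time zone.
EVENTS = """\
2025-03-03T09:12:00 nhire01 login 203.0.113.10 US -
2025-03-03T10:05:00 nhire01 repo_clone 203.0.113.10 US onboarding-docs
2025-03-04T02:41:00 nhire01 login 198.51.100.77 US -
2025-03-04T02:43:00 nhire01 repo_clone 198.51.100.77 US repo-a
2025-03-04T02:44:00 nhire01 repo_clone 198.51.100.77 US repo-b
2025-03-04T02:45:00 nhire01 repo_clone 198.51.100.77 US repo-c
2025-03-04T02:46:00 nhire01 repo_clone 198.51.100.77 US repo-d
2025-03-05T09:30:00 nhire01 login 192.0.2.200 XX -
""".splitlines()

def evaluate(events, baseline=BASELINE, clone_limit=CLONE_LIMIT):
    """Return (timestamp, user, reason) findings for new-hire activity."""
    findings, clones = [], Counter()
    for line in events:
        ts, user, action, ip, country, _target = line.split()
        base = baseline.get(user)
        if base is None:
            continue  # not a tracked new hire
        when = datetime.fromisoformat(ts)
        if action == "login":
            if country != base["country"]:
                findings.append((ts, user, "geo_mismatch"))
            elif ip not in base["ips"]:
                findings.append((ts, user, "new_ip"))
            if when.hour not in base["hours"]:
                findings.append((ts, user, "off_hours"))
        elif action == "repo_clone":
            clones[(user, when.date())] += 1
            # Alert once, on the clone that crosses the daily limit.
            if clones[(user, when.date())] == clone_limit + 1:
                findings.append((ts, user, "bulk_clone"))
    return findings

if __name__ == "__main__":
    for finding in evaluate(EVENTS):
        print(*finding)
```

Each finding is a signal for the security team to review alongside recruiting, not proof of fraud on its own; travel or a home router change will also trip the IP check.
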

5. Train Your Recruiting Team

Your recruiters are now your first line of defense.

They should know how to spot:

  • Slight inconsistencies in communication

  • Overly polished, templated responses

  • Candidates avoiding real-time interaction

Simple LinkedIn-Level Protection (Most People Ignore This)

At an individual level, this is where things get real.

If your profile gets cloned, you become the attack vector.

Do this immediately:

  • Add a note in your LinkedIn bio:
    “I will never reach out from any email other than [yourdomain.com]”

  • List your official email domain clearly

  • Be cautious accepting random connections in your industry

  • Periodically search your own name + company to spot duplicates

  • Report fake profiles directly to LinkedIn immediately

Because once someone is impersonating you, they’re borrowing your credibility to access others.

The Bigger Shift No One Is Talking About

Hiring is no longer just about talent.

It’s about trust infrastructure.

We’re entering a world where:

  • AI can generate a perfect candidate

  • Identity can be faked at scale

  • And “remote” removes most physical verification

Which means…

The companies that win aren’t the ones who hire fastest.

They’re the ones who hire securely without killing speed.

Final Thought

This isn’t fear-mongering—it’s already happening.

Amazon reportedly blocked thousands of suspicious applicants tied to these schemes.

The question isn’t if your company will encounter fake candidates.

It’s whether your process is built to catch them before they’re inside your systems.

Because once they’re in…

It’s no longer a recruiting problem.
