AI Deepfake Job Candidate Scam on LinkedIn
Fabricated LinkedIn profiles built with AI-generated photos and resumes apply for remote roles, using deepfake video and stolen credentials to pass recruiting screens for jobs that give access to sensitive systems.
Part of: AI Deepfake Job Candidate Scam
Last reviewed: 5 July 2026
LinkedIn's role as the default professional network means a convincing profile with an AI-generated headshot, plausible work history, and real-looking recommendations can pass a recruiter's first glance before any interview even happens.
How this scam works on LinkedIn
A recruiter posts a remote role and receives an application from a profile with a polished AI-generated photo, a resume borrowing real company names and job titles, and sometimes purchased or stolen identity documents to pass background checks. The profile may have a thin but plausible connection history built up over weeks specifically to look established.
Once shortlisted, the applicant moves the conversation off LinkedIn to a video call where a real-time deepfake face swap or voice clone stands in for the person actually attending, allowing someone who doesn't match the submitted identity to pass the interview. The goal is usually to get hired into a remote IT or access-heavy role in order to plant malware, exfiltrate data, or divert paychecks and equipment, rather than to do the job itself.
Common red flags
- Profile photo has subtle artifacts common in AI generation, such as odd ear or earring asymmetry, blurred background edges, or teeth that look too uniform
- Thin, recently created connection network despite a resume claiming years of senior experience
- Resume lists real companies but hiring managers there have no record of the person
- Reluctance to turn on camera consistently or frequent claims of technical issues during video interviews
- Insistence on being paid via personal payment apps or having company equipment shipped to a different address than the one on file
- Video call lighting, lip-sync, or blinking looks slightly unnatural, especially under sudden camera movement
How to protect yourself
- Verify identity documents and work history independently rather than relying solely on the LinkedIn profile
- Ask candidates to briefly move their hand in front of their face or turn sharply during a video call, which can disrupt some real-time deepfake tools
- Cross-check claimed employers directly rather than trusting resume text alone
- Require identity verification through a dedicated, secure verification service for remote hires with system access
- Be cautious of candidates who avoid live, unscripted follow-up questions or repeatedly reschedule video calls
- Limit system access provisioning until in-person or strongly verified identity confirmation is complete
How to report it
- Report the fake profile directly to LinkedIn using its impersonation or fake account reporting tool
- Report the incident to your organization's security or HR fraud team immediately
- File a report with the FBI's IC3 (in the US) or your national cybercrime reporting center if the hire led to a security breach
- Alert the companies whose names were falsely used as employment history
Frequently asked questions
Can real-time deepfake video calls really pass a hiring interview?
Yes, increasingly convincing face-swap and voice-clone tools have been used to impersonate a different person live on video calls, particularly for remote-only roles that never require in-person contact.
What's the single best defense for a recruiter?
Independently verifying identity and prior employment through channels the candidate doesn't control, rather than trusting documents or a video call alone.