The six high-cost AI attacks every CISO needs to know - Pindrop

AI is enabling new kinds of attacks against enterprises, exploiting trust in established channels. Attackers are using AI to scale existing scams, creating convincing fake identities and impersonations.

What happened

In one case, North Korean operatives used deepfakes and synthetic identities to apply for jobs at US companies. These fake candidates had polished resumes, credible LinkedIn profiles, and impressive work histories. During interviews, they used real-time face-swap tools and manipulated voices. One such candidate, "Jamie," applied for a Senior Software Engineer role at Pindrop. He had clear answers and a polished delivery, but a Pindrop Pulse alert raised concerns and his IP address was linked to North Korea. Further investigation revealed patterns in device telemetry, geography, network characteristics, email patterns, and synthetic identity construction amongst fake candidates. One confirmed fake applicant helped uncover a web of 23 past candidates with similar patterns.