{"id":30189,"date":"2025-06-02T14:24:03","date_gmt":"2025-06-02T14:24:03","guid":{"rendered":"https:\/\/certn.co\/?p=30189"},"modified":"2025-06-20T16:59:08","modified_gmt":"2025-06-20T16:59:08","slug":"what-happens-when-hr-it-dont-talk-insider-fraud-credential-leaks-and-the-cost-of-misalignment","status":"publish","type":"post","link":"https:\/\/certn.co\/anz\/blog\/what-happens-when-hr-it-dont-talk-insider-fraud-credential-leaks-and-the-cost-of-misalignment\/","title":{"rendered":"What Happens When HR &amp; IT Don\u2019t Talk? Insider Fraud, Credential Leaks and the Cost of Misalignment"},"content":{"rendered":"\n<p>Still think cybersecurity is \u201cnot an HR thing\u201d? Let\u2019s talk.<br><br>The recent <a href=\"https:\/\/www.velotix.ai\/resources\/blog\/analysis\/coinbase-breach-contractor-access-vulnerabilities-security\" target=\"_blank\" rel=\"noreferrer noopener\">Coinbase breach<\/a>, where more than 69,000 users&#8217; data was compromised due to insider threats, underscores the vulnerabilities present when HR and IT operate in silos. In this case, it didn\u2019t start in IT, it started with <em>hiring<\/em>.<br><br>On this week\u2019s episode of <a href=\"https:\/\/certn.co\/podcast\/\" target=\"_blank\" rel=\"noreferrer noopener\"><em>What the FTE?<\/em><\/a>, Certn\u2019s Global Head of Background Screening, <a href=\"https:\/\/www.linkedin.com\/in\/donalgreene\/?originalSubdomain=uk\" target=\"_blank\" rel=\"noreferrer noopener\">Donal Greene<\/a>, sits down with <a href=\"https:\/\/www.linkedin.com\/in\/darcy-healey-061403103\/?originalSubdomain=au\" target=\"_blank\" rel=\"noreferrer noopener\">Darcy Healey<\/a>, Certn\u2019s APAC Market Lead. 
Darcy sees a big gap in how HR teams are trained in cybersecurity, which leads us to the podcast conversation.&nbsp;<\/p>\n\n\n\n<p>Darcy breaks down:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Why the \u201conce and done\u201d background check model is outdated;<\/li>\n\n\n\n<li>How to spot insider threats before they land; and<\/li>\n\n\n\n<li>What happens when you let access creep go unchecked.<\/li>\n<\/ul>\n\n\n\n<p>If your team isn\u2019t building screening practices that match access levels, you\u2019re not just behind \u2013 you\u2019re vulnerable. It\u2019s time to treat background checks like part of your cybersecurity stack, not just an onboarding formality.<\/p>\n\n\n\n<p>Tune into the full episode: <a href=\"https:\/\/open.spotify.com\/episode\/0KsXjKxfhh2iBGVoE6VMSa?si=1AVBM2SQQMqrTcv_xi4YpQ\" target=\"_blank\" rel=\"noopener\">https:\/\/certn.co\/podcast\/<\/a><\/p>\n\n\n\n<p>\u2014<\/p>\n\n\n\n<p>Your greatest security risk may already be on payroll.<br><br>With insider threats on the rise and deepfake documents easier to generate than ever, HR is becoming the front line in cybersecurity. 
But most HR leaders aren&#8217;t trained for the battle \u2013 and many don&#8217;t even know one is happening.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">The Evolving Threat Landscape<\/h2>\n\n\n\n<p>According to Cybersecurity Insiders\u2019 recent <a href=\"https:\/\/go1.gurucul.com\/2024-insider-threat-report\" target=\"_blank\" rel=\"noreferrer noopener\">2024 Insider Threat Report<\/a>, 83% of organisations reported at least one insider attack in the last year.<\/p>\n\n\n\n<p>Let that sink in.<\/p>\n\n\n\n<p>Then there&#8217;s the <a href=\"https:\/\/legacy.acfe.com\/report-to-the-nations\/2024\/\" target=\"_blank\" rel=\"noreferrer noopener\">Association of Certified Examiners&#8217;<\/a> occupational fraud report,\u00a0which highlights that organizations lose an estimated 5% of annual revenue to fraud, with a notable portion attributed to long-term employees whose circumstances had changed post-hire.<\/p>\n\n\n\n<p>Now layer in remote work, and the risks multiply. Distributed teams. BYOD policies. Slower background checks.<br><br>Bad actors don\u2019t need to break in when you leave the door wide open.<br><br>On this week\u2019s episode of <a href=\"https:\/\/certn.co\/podcast\/\" target=\"_blank\" rel=\"noreferrer noopener\"><em>What the FTE?<\/em><\/a> Darcy Healey, our APAC Market Lead, shares about what\u2019s happening in Australia, but the warning signs are global.\u00a0<br><br>He\u2019s seeing mid-market and small and medium enterprises targeted more than ever. Why? Because they lack the infrastructure, policies, and, frankly, the cybersecurity literacy to spot the gaps before it\u2019s too late.<br><br>\ud83d\udca1 <em>HR isn\u2019t just hiring anymore. 
You\u2019re the first line of defence.<\/em><br><br>If your background checks are still one-and-done, or if HR and IT aren\u2019t collaborating, that\u2019s your vulnerability.\u00a0<br><br>Let\u2019s fix that.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">What\u2019s Driving Risk<\/h2>\n\n\n\n<p>The threat landscape has changed, and the riskiest behaviours may already be happening inside your organisation because hiring, onboarding and access decisions aren\u2019t keeping up with the latest tactics fraudsters use.<br><br>Here\u2019s what\u2019s fueling the fire:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Credential selling is surging on the dark web \u2013 VPN tokens go for as little as $500.<\/li>\n\n\n\n<li><a href=\"https:\/\/certn.co\/blog\/how-to-spot-fake-ids\/\">Fake IDs<\/a> and forged identity docs are easy to generate with low-code\/no-code tools.<\/li>\n\n\n\n<li>Role creep means employees often gain more access over time than they were originally vetted for<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"1024\" data-src=\"https:\/\/certn.co\/wp-content\/uploads\/2025\/05\/Darcy-Healey-Certn-What-the-FTE-on-HR-Insider-Threats-Quote-1-1024x1024.png\" alt=\"Darcy Healey Certn What the FTE on HR Insider Threats Quote\" class=\"wp-image-30220 lazyload\" data-srcset=\"https:\/\/certn.co\/wp-content\/uploads\/2025\/05\/Darcy-Healey-Certn-What-the-FTE-on-HR-Insider-Threats-Quote-1-1024x1024.png 1024w, https:\/\/certn.co\/wp-content\/uploads\/2025\/05\/Darcy-Healey-Certn-What-the-FTE-on-HR-Insider-Threats-Quote-1-300x300.png 300w, https:\/\/certn.co\/wp-content\/uploads\/2025\/05\/Darcy-Healey-Certn-What-the-FTE-on-HR-Insider-Threats-Quote-1-150x150.png 150w, https:\/\/certn.co\/wp-content\/uploads\/2025\/05\/Darcy-Healey-Certn-What-the-FTE-on-HR-Insider-Threats-Quote-1-768x768.png 768w, 
https:\/\/certn.co\/wp-content\/uploads\/2025\/05\/Darcy-Healey-Certn-What-the-FTE-on-HR-Insider-Threats-Quote-1.png 1080w\" data-sizes=\"(max-width: 1024px) 100vw, 1024px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 1024px; --smush-placeholder-aspect-ratio: 1024\/1024;\" \/><\/figure>\n\n\n\n<p><br>Darcy puts it plainly: \u201cHiring is where the risk is. If you\u2019re not aligning screening with access level, you\u2019re flying blind.\u201d<br><br>Not every threat is malicious. There are well-meaning employees who mishandle sensitive information, clicking phishing links, storing data on unsecured drives or failing to report lost devices. They&#8217;re the cybersecurity equivalent of leaving the front door wide open.<br><br>However, here are four common types of malicious insider threats:<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">1. The Privileged Saboteur<\/h3>\n\n\n\n<p>These are employees (often system admins or IT personnel) with elevated access who retaliate, typically after being demoted, disciplined or terminated. These insiders aren\u2019t always malicious from day one, but they become a risk when their loyalty dissolves. If your offboarding playbook doesn\u2019t include immediate deprovisioning, exit interviews or red flag watchlists, you\u2019re giving them time, tools and motive to retaliate.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">2. The IP Thief<\/h3>\n\n\n\n<p>Also known as the \u201ccorporate spy.\u201d These insiders steal sensitive data, like proprietary code, product roadmaps or customer lists, to sell on the black market or hand off to competitors. Sometimes they do it on their way out the door; sometimes, they\u2019re planted to do it.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">3. Expense Fraudster<\/h3>\n\n\n\n<p>Small lies, big losses. 
These insiders manipulate expense systems \u2013 fudging mileage, inflating vendor invoices or submitting duplicate claims. It often starts \u201csmall,\u201d but once they realise no one\u2019s watching, it escalates. If your background checks don\u2019t verify employment history or spot patterns of misconduct, you could be hiring someone who\u2019s already done this elsewhere. Pair that with weak internal controls, and you&#8217;ve got a clear path for fraud.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">4. Compromised Contractor &#8211; The Credential Seller<\/h3>\n\n\n\n<p>Some insiders monetise their access. They sell credentials (like VPN tokens or admin logins) to bad actors on the dark web. These individuals often appear trustworthy on paper, but financial stress or lack of oversight pushes them over the edge.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">One Check Isn\u2019t a Strategy<\/h2>\n\n\n\n<p>In Australia, <a href=\"https:\/\/www.standards.org.au\/standards-catalogue\/standard-details?designation=as-4811-2022\" target=\"_blank\" rel=\"noreferrer noopener\">AS 4811:2022<\/a> now mandates risk-tiered workforce screening, because not all roles carry the same exposure and not all threats knock on the front door.<br><br>Globally? The red flags are waving. Just look at the Coinbase breach, where contractors with read-only access allegedly exfiltrated personal data from more than 69,000 users. The access was limited; the damage wasn\u2019t.<br><br>Yet many HR teams still treat background checks like a checkbox, one and done. Screen at hire, then move on.&nbsp;<br><br>No rescreening.&nbsp;<br><br>No access review.&nbsp;<br><br>No context.<br><br>That might have been fine a decade ago, but today it\u2019s a risk you can\u2019t afford.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">What Forward-Thinking Teams Are Doing<\/h2>\n\n\n\n<p>The insider threats Darcy covers aren\u2019t just an Australian problem. 
They\u2019re a global wake-up call, and smart HR teams are answering it by rethinking how screening fits into the bigger picture of risk and readiness.&nbsp;<br><br>With mega-breaches grabbing headlines and regulations tightening, any process that touches personal data, including background screening, is under the microscope.&nbsp;<br><br><strong>There\u2019s a cybersecurity truth we don\u2019t talk about enough in HR: your company is only as secure as the people you\u2019ve hired.<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"1024\" data-src=\"https:\/\/certn.co\/wp-content\/uploads\/2025\/05\/Darcy-Healey-Certn-What-the-FTE-on-HR-Insider-Threats-Quote-2-1024x1024.png\" alt=\"Darcy Healey Certn What the FTE on HR Insider Threats Quote \" class=\"wp-image-30224 lazyload\" data-srcset=\"https:\/\/certn.co\/wp-content\/uploads\/2025\/05\/Darcy-Healey-Certn-What-the-FTE-on-HR-Insider-Threats-Quote-2-1024x1024.png 1024w, https:\/\/certn.co\/wp-content\/uploads\/2025\/05\/Darcy-Healey-Certn-What-the-FTE-on-HR-Insider-Threats-Quote-2-300x300.png 300w, https:\/\/certn.co\/wp-content\/uploads\/2025\/05\/Darcy-Healey-Certn-What-the-FTE-on-HR-Insider-Threats-Quote-2-150x150.png 150w, https:\/\/certn.co\/wp-content\/uploads\/2025\/05\/Darcy-Healey-Certn-What-the-FTE-on-HR-Insider-Threats-Quote-2-768x768.png 768w, https:\/\/certn.co\/wp-content\/uploads\/2025\/05\/Darcy-Healey-Certn-What-the-FTE-on-HR-Insider-Threats-Quote-2.png 1080w\" data-sizes=\"(max-width: 1024px) 100vw, 1024px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 1024px; --smush-placeholder-aspect-ratio: 1024\/1024;\" \/><\/figure>\n\n\n\n<p><br>\u201cYou don&#8217;t need to be a single security expert, but there needs to be an understanding of how people become the weakest link. 
As I said earlier, the first line of defence is a person, but they&#8217;re also the biggest vulnerability, and hiring is where the risk is, so lock it down from the outset.\u201d<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Practical Strategies for HR Leaders<\/h2>\n\n\n\n<p>Beyond educating and training teams with short, sharp refreshers quarterly, not just once a year, here\u2019s how the most future-fit leaders are getting ahead of the curve:<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u2705 Risk-Based Screening Matrices<\/h3>\n\n\n\n<p>Gone are the days of one-size-fits-all checks.<br><br>Progressive teams are mapping screening depth to access level, regulatory exposure, and business impact:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Entry-level admin role? Stick to the basics.<\/li>\n\n\n\n<li>Moving from IC to leadership? That\u2019s a rescreen trigger.<\/li>\n\n\n\n<li>Finance manager with access to PII and payment systems? You\u2019re going deeper: identity verification, credit history, global sanctions, maybe even adverse media.<\/li>\n<\/ul>\n\n\n\n<p>Your matrix becomes your security playbook, so hiring stays fast but smart, and every check is fit for purpose. This is how you move from \u201ccheck the box\u201d to \u201ccover your bases.\u201d<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\ud83d\udd01 Rescreening Schedules That Actually Make Sense<\/h3>\n\n\n\n<p>Pre-hire checks are just a snapshot. Risk evolves. 
Your screening should too.<\/p>\n\n\n\n<p>Forward-thinking organisations are implementing rescreening schedules like:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Every six months for high-risk, high-access roles (finance, infosec, healthcare)<\/li>\n\n\n\n<li>Every 12\u201318 months for mid-level or dynamic roles where access can shift quickly<\/li>\n\n\n\n<li>At moments of change \u2013 like promotions, internal transfers, or expanding system privileges<\/li>\n<\/ul>\n\n\n\n<p>This isn\u2019t about being paranoid; it\u2019s about being prepared. Think of it like updating your antivirus software\u2026 for people.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\ud83e\udd1d HR + IT = Risk Reduction Dream Team<\/h3>\n\n\n\n<p>Still treating HR and IT like separate planets? Time to build a bridge.<br><br>Cross-functional teams are closing the gap with joint oversight of onboarding, offboarding, and access controls, because:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>HR knows who people are and what they need access to; and<\/li>\n\n\n\n<li>IT knows how they access it, and where the vulnerabilities live.<\/li>\n<\/ol>\n\n\n\n<p>Together, this creates a continuous loop of visibility and protection: screening, provisioning, flagging, deprovisioning. No loose ends. No surprise back doors.<br><br><strong>Key Takeaway<\/strong>: Treat background screening like you treat firewalls: essential infrastructure. Once the breach is internal, it\u2019s already too late.<br><br>Let\u2019s dig into each of these strategies a bit more\u2026<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Use of Standards and Accreditation<\/h2>\n\n\n\n<p>Traditionally, background checks were a one-time pre-employment event. This is also changing.<br><br>Australia&#8217;s updated workforce screening standard, AS 4811:2022, emphasises a risk-based approach to employee screening and reflects what smart HR leaders already know: risk doesn\u2019t stop after day one. It evolves. 
So your screening strategy should too.&nbsp;<br><br>Here\u2019s what AS 4811:2022 pushes for:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Risk-tiered screening based on role sensitivity<\/li>\n\n\n\n<li>Identity verification and right-to-work checks verified against authoritative sources<\/li>\n\n\n\n<li>Ongoing monitoring for roles with elevated access or influence<\/li>\n<\/ul>\n\n\n\n<p>And it\u2019s not happening in a vacuum.&nbsp;<br><br>Across the board, we\u2019re seeing regulatory schemes and risk management best practice push for continuous monitoring to become the expectation, not the exception. As Darcy details, we\u2019ve seen <a href=\"https:\/\/www.apra.gov.au\/\" target=\"_blank\" rel=\"noreferrer noopener\">APRA<\/a> enforcing annual checks for bank executives, <a href=\"https:\/\/www.acic.gov.au\/services\/national-police-checking-service\/find-out-more-information\/legislation\" target=\"_blank\" rel=\"noreferrer noopener\">WWC systems<\/a> moving to continuous monitoring and <a href=\"https:\/\/www.cisc.gov.au\/legislation-regulation-and-compliance\/soci-act-2018\" target=\"_blank\" rel=\"noreferrer noopener\">SOCI guidelines<\/a> urging ongoing monitoring.<br><br>Regulators sometimes cite these standards approvingly. Adopting such standards internally can both improve your process and serve as evidence that you took \u201creasonable precautions\u201d to comply with legal obligations.<br><br>The message is clear: One-and-done is a liability.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">What This Looks Like in Practice<\/h3>\n\n\n\n<p>Let\u2019s say a trusted employee commits a serious offence after they\u2019re hired. If that offence would\u2019ve disqualified them from the role originally, and you don\u2019t know about it? That\u2019s not just bad optics. 
That\u2019s a legal and reputational landmine.<br><br><strong>Smart orgs are now<\/strong>:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Asking employees to self-report charges or revocations<\/li>\n\n\n\n<li>Requiring annual declarations (e.g., \u201cI haven\u2019t been charged, lost credentials, etc.\u201d)<\/li>\n\n\n\n<li>Periodically rerunning key checks, like police or credit reports, based on role sensitivity<\/li>\n<\/ul>\n\n\n\n<p>This creates a culture of \u201calways vetted,\u201d not just \u201cvetted once and forgotten.\u201d<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Implement Role-Based Screening (Risk-Based Approach)<\/h2>\n\n\n\n<p>Over-screening burns time, budget, and trust. Under-screening opens the door to serious risk. Smart HR leaders know: calibration is everything. A role-based (AKA risk-based) screening approach ensures you&#8217;re not flying blind\u2026 or overcorrecting.&nbsp;<br><br><strong>Here&#8217;s how:<\/strong><\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Low-risk roles<\/strong> (think: entry-level, no system access) may only need ID verification, work rights, and reference checks.<\/li>\n\n\n\n<li><strong>High-trust roles<\/strong> (finance, IT, leadership) should trigger more in-depth checks \u2013 police, credentials, even financial background.<\/li>\n<\/ol>\n\n\n\n<p>Map this in a simple screening matrix. It turns your process into policy and helps your team apply it consistently.<\/p>\n\n\n\n<p>This kind of calibration doesn\u2019t just make business sense; it shows regulators you\u2019re living up to privacy principles like proportionality (only collecting what\u2019s necessary). It also gives you a solid defence against bias claims: checks are tied to risk, not vibes.<\/p>\n\n\n\n<p>As Darcy mentions in <a href=\"https:\/\/open.spotify.com\/episode\/0KsXjKxfhh2iBGVoE6VMSa?si=26a41a6d33c341ed\" target=\"_blank\" rel=\"noreferrer noopener\">the episode<\/a>, don\u2019t set it and forget it. 
As roles evolve, so does risk. Review your screening tiers regularly to keep pace with your org and the law.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Ditch \u201cOne-and-Done\u201d: Why Ongoing Screening Is Becoming the Norm<\/h2>\n\n\n\n<p>Pre-hire checks are only part of the story. Risks don\u2019t disappear after onboarding, they evolve. That\u2019s why more companies are moving to continuous background screening for high-risk roles.<br><br>We\u2019re talking about services that monitor public records, media mentions or credit alerts and flag major issues like criminal charges after hire. Useful? Absolutely. But it\u2019s not plug-and-play.<br><br>Before you roll out post-hire monitoring, get your legal team in the room. You\u2019ll need to:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Navigate workplace surveillance laws<\/li>\n\n\n\n<li>Align with privacy regulations<\/li>\n\n\n\n<li>Get clear on what\u2019s fair, legal and necessary<\/li>\n<\/ul>\n\n\n\n<p>And if you&#8217;re storing background check data? Lock it down. That means:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Encrypted databases<\/li>\n\n\n\n<li>Role-based access controls<\/li>\n\n\n\n<li>Retention schedules that don\u2019t keep data longer than needed<\/li>\n<\/ul>\n\n\n\n<p>You can\u2019t claim to be serious about trust if your compliance game is sloppy.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Choose Screening Partners Who Have Your Back<\/h2>\n\n\n\n<p>Not all background check vendors are created equal, and their mistakes become your liabilities. 
Whether it\u2019s verifying international degrees, running criminal history checks, or contacting references, you\u2019re trusting that vendor to get it right.&nbsp;<br><br>\u2705 Look for accreditations (e.g., ACIC in Australia for criminal checks)<br>\u2705 Make sure data stays secure &#8211; and onshore, unless you\u2019ve signed off<br>\u2705 Ask if they proactively update workflows to match evolving laws<br><br>A credible partner doesn\u2019t just run checks, they help handle compliance, adapt to legal updates (like privacy reforms), and provide the audit trails you need to prove due diligence. Additionally, background screening vendors are offering more compliance-focused solutions \u2013 e.g., ISO 27001 certified platforms for data security and audit trails that show each step of a check was properly completed with consent.&nbsp;<br><br>It might be worth conducting a compliance audit of your background check process with your legal or risk team, benchmarking against these standards, especially as 2025 reforms kick in. Such an audit could reveal, for example, that you need to update your consent forms language or add an extra step to verify contractor checks.<br><br>If your background check strategy hasn\u2019t changed in five years, it\u2019s time to rethink what \u201csafe\u201d really means. Certn can help you build a scalable, role-aware, compliance-friendly screening program, one that evolves as fast as your workforce does.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Preventing Fraud&nbsp;<\/h2>\n\n\n\n<p>As I mentioned in my last article, <a href=\"https:\/\/certn.co\/blog\/is-that-candidate-even-real-the-rise-of-ai-deepfakes-and-how-to-deepfake-proof-your-hiring-process\/\" target=\"_blank\" rel=\"noreferrer noopener\">Is That Candidate Even Real? How to Deepfake-Proof Your Hiring Process<\/a>, identity fraud is a growing threat in recruitment. There have been cases of imposters using someone else\u2019s name to get a job. 
With more remote hiring, HR can\u2019t always rely on face-to-face document checks.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Social Engineering: The Oldest Trick, Still the Easiest<\/h3>\n\n\n\n<p>Social engineering is the art of manipulating people into giving up confidential information or performing actions that compromise security without ever hacking a line of code.<br><br>In a hiring landscape shaped by speed and scale, social engineering remains the low-hanging fruit for threat actors. It\u2019s cheap, it\u2019s fast, and it works, especially when hiring teams rely on visual inspection alone.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">What Social Engineering Looks Like in HR<\/h4>\n\n\n\n<p>In the context of HR and hiring, social engineering might look like:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Forged documents that pass a visual sniff test (fake IDs, degrees, reference letters).<\/li>\n\n\n\n<li>Candidates impersonating others, using real identities to get hired under false pretenses.<\/li>\n\n\n\n<li>Phishing recruiters or HR team members to gain access to internal systems or candidate data.<\/li>\n\n\n\n<li>False references or coordinated backchanneling to present a fake employment history.<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">Why It Works<\/h4>\n\n\n\n<p>Because people trust too easily. We like to believe the person in front of us is who they say they are. And hiring is often fast-paced and high-pressure, which creates the perfect storm for manipulation.&nbsp;<br><br>Furthermore, most ID verification tools aren&#8217;t built for fraud detection, they\u2019re built for onboarding speed. Many platforms still depend on human judgment \u2013 a recruiter eyeballing a passport image and checking a name.<br><br>As Darcy and I discuss, you don\u2019t need to be a hacker genius to fake documents anymore. The tools are cheap and the skill barrier is low. 
With no-code deepfake generators, almost anyone can spoof a government ID or employment record.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">What to Do Instead<\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Invest in <\/strong><a href=\"https:\/\/certn.co\/anz\/identity-verification\/\"><strong>biometric identity verification<\/strong><\/a> solutions that match government-issued IDs to a live selfie using liveness detection.<\/li>\n\n\n\n<li><strong>Demand direct-source verification<\/strong> from your screening partner. (No middlemen. No delays.)<\/li>\n\n\n\n<li><strong>Run random spot checks<\/strong> on high-turnover roles or temp workers.<\/li>\n\n\n\n<li><strong>Train your TA team<\/strong> to recognise red flags like identical formatting across different resumes or references that never answer the phone.<\/li>\n<\/ol>\n\n\n\n<p>You don\u2019t need to fear fraud, but you do need to face it.&nbsp;<\/p>\n\n\n\n<p>In a world where identity can be faked with a few clicks, trust needs to be verified, not assumed. Overall, robust identity verification at the hiring stage underpins all other checks. You can\u2019t rely on a criminal history check or other checks if you didn\u2019t verify the person\u2019s ID properly in the first place.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Final Word &#8211; HR\u2019s Role in Cybersecurity Isn\u2019t Optional<\/h2>\n\n\n\n<p>If your screening strategy hasn\u2019t evolved since 2018, you\u2019re not securing your business, you\u2019re exposing it. Smart CHROs and TA leaders are already operating like CISOs: treating trust as an asset, risk as a metric, and screening as core infrastructure.<\/p>\n\n\n\n<p>It\u2019s not about paranoia, it\u2019s about preparedness. As insider threats get smarter and compliance stakes get higher, HR teams that step up screening, tighten IT alignment and commit to continuous risk management won\u2019t just reduce exposure. 
They\u2019ll raise their strategic value inside the business.<\/p>\n\n\n\n<p>Don\u2019t hesitate to email me if you have any questions about vendor selection or how to secure your hiring process. You can also<a href=\"https:\/\/www.linkedin.com\/in\/donalgreene\" target=\"_blank\" rel=\"noreferrer noopener\"> connect with me on LinkedIn<\/a>.<\/p>\n\n\n\n<p>\u2014<\/p>\n\n\n\n<p>Want to see how Certn helps companies fraud-proof hiring?<a href=\"https:\/\/certn.co\/anz\/request-a-quote\/\"> <strong>Request a demo.<\/strong><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Still think cybersecurity isn\u2019t an HR problem? Think again. In this deep dive, Certn\u2019s Donal Greene and Darcy Healey unpack how HR and IT misalignment fuels risk, why background checks can\u2019t be one-and-done, and what future-fit teams are doing to stay secure. <\/p>\n","protected":false},"author":52,"featured_media":30232,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[284,285],"tags":[],"class_list":["post-30189","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ai-technology","category-what-the-fte"],"acf":[],"_links":{"self":[{"href":"https:\/\/certn.co\/anz\/wp-json\/wp\/v2\/posts\/30189","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/certn.co\/anz\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/certn.co\/anz\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/certn.co\/anz\/wp-json\/wp\/v2\/users\/52"}],"replies":[{"embeddable":true,"href":"https:\/\/certn.co\/anz\/wp-json\/wp\/v2\/comments?post=30189"}],"version-history":[{"count":5,"href":"https:\/\/certn.co\/anz\/wp-json\/wp\/v2\/posts\/30189\/revisions"}],"predecessor-version":[{"id":30627,"href":"https:\/\/certn.co\/anz\/wp-json\/wp\/v2\/posts\/30189\/revisions\/30627"}],"wp:featuredmedia":[{"embeddable":true,"hr
ef":"https:\/\/certn.co\/anz\/wp-json\/wp\/v2\/media\/30232"}],"wp:attachment":[{"href":"https:\/\/certn.co\/anz\/wp-json\/wp\/v2\/media?parent=30189"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/certn.co\/anz\/wp-json\/wp\/v2\/categories?post=30189"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/certn.co\/anz\/wp-json\/wp\/v2\/tags?post=30189"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}