Recent incidents involving AI-generated job candidates and deepfake employees are creating a new security challenge for organizations worldwide. In 2024, a North Korean operative successfully infiltrated cybersecurity firm KnowBe4 using a fully fabricated identity, passing interviews, background checks, and references before being detected within 25 minutes. Security experts warn that advances in generative AI now allow attackers to maintain multiple fake identities, manipulate video and voice, and gain trusted access to corporate networks. Analysts predict that by 2028, one in four global job applicants could be synthetic. Companies are urged to treat identity verification as a continuous security process, implement layered monitoring, and prepare for AI-enabled threats entering through trusted hiring processes. This article explains the lessons from the KnowBe4 incident, the evolving risk landscape, and practical controls organizations can adopt.

UAE bank manager approved funds be transferred because the voice and tone was OK, emails confirmed the conversation and legal also confirmed authority to release, yet it was not alright at all.

In 2019, criminals cloned a CEO’s voice and exposed a fatal flaw in how organizations verify identity. Six years later, that same flaw is driving billions in AI-powered fraud losses.

Employees are wiring millions to fraudsters on deepfake video calls, while AI agents are being manipulated to execute breaches from the inside and 8% of organizations don't  know they've been compromised. The UK's NCSC confirmed what researchers have been warning about: prompt injection may be fundamentally unfixable, and the breach wave is already here.