High level thoughts
Sophisticated deepfakes and state-level hackers are infiltrating remote hiring, especially in crypto. They're getting harder to detect in upper-funnel hiring pools, and AI is accelerating this problem and will continue to.
Everything comes back to trust. It's why we require rigorous referrals and lean on our trust networks to find jobs. In the age of AI and easily spoofed credentials, it's also important to verify ownership of multiple accounts.
We're excited about advancements in interoperable identity and cryptography that will make it easy to generate verifiable credentials for a candidate's work history, education, and other achievements in seamless, secure, and privacy-preserving ways.
Context
Emma saw this X post on Farcaster from Paul Frambot at Morpho, which prompted us to quickly discuss our POV on this challenge.
Full transcript
Emma, Dan, and Jack discussed the topic on Dec 17, 2024.
Emma: So earlier this morning, I saw this X post make it over to Farcaster. And it immediately made me think about us, of course, because we're thinking a lot about referrals, trusted networks, hiring, identity verification.
And this tweet from Paul at Morpho is at the intersection of all of those, where he says that 6 out of the 30 candidates they interviewed last week were likely North Korean hackers using deep fakes, and so they're sort of reviewing their hiring protocols and basically asked for suggestions as to how to avoid the deep fakes and the hackers. So Jack, not sure what your immediate reaction is to that, but it immediately made me think about how we're approaching hiring and trust networks specifically.
Jack: I had actually accepted a request from somebody that Dan suspected was a North Korean hacker. I had seen the account and I was like, I can't really tell, like they had, you know, they have a LinkedIn, they have a GitHub. Looking at the GitHub, they had weird commits and I think that's actually one of the things that tipped Dan off. And there was also a pair of accounts that looked really similar. So those in quick succession kind of tipped us off.
On the one hand, it's really hard to tell. These are state-level actors that are intentionally nefarious. I think I saw a stat that they've stolen 2 billion plus dollars of crypto in the last two years or whatever. So they're sophisticated. And they're out to infiltrate. That thing that I read was saying that they've actually gone and become full time employees, and worked at places for 6+ months or longer until they strike.
Emma: Right.
Jack: So, this is a real problem. Like this is a serious problem. Our POV from Icebreaker is that trust is key, right? So I didn't have any trusted connections with that individual, and since I'm more of a "growth Icebreaker connector," I am more prone to accept connections and not really review these profiles.
But Dan was able to tell, with a skeptical eye, that something was amiss with these profiles. I'm actually curious to ask Dan what your advice would be for Paul, given that these are sophisticated state-level actors. And I'm curious for what you would say to him.
Dan: Yeah, so my advice on how to eliminate the threat from state-sponsored hackers? Well, sometimes they may be trying to get hired at a crypto company in order to do an exploit down the line, but they can also just be making money, and the compensation from some of these tech companies is also pretty significant. It's just another source of income for them because post-COVID hiring has become so remote. And crypto is also kind of an ideal industry for this, but this is, I would say, not just a crypto problem. Crypto is exposing the frontier of this problem, which is going to explode into other industries that do remote hiring, and AI is going to just accelerate this problem.
So I think there are multiple stages during the interview process where your cost of a false positive is higher or lower. When I say a false positive, it's basically somebody getting through that stage of the process who shouldn't.
And at the upper funnel, the cost of a false positive, as in letting someone through who ends up being a North Korean hacker, let's say, is fairly low, assuming that you're doing more rigorous background checks more proximate to actually hiring them. And if you don't do that, then make sure before you actually hire someone, you are completing all these requisite checks.
But when it's super upper funnel, whenever you're trying to eliminate false positives, you're also going to end up having some false negatives, as in, accidentally preventing some legitimate people from going through the process, right?
So it's a balance. And that's why I think it matters what level in the funnel you are for where you draw that line. In the upper funnel, the cost of letting somebody through is fairly low; it's still a cost and it's your recruiter's time, but it's not like you getting in trouble with the authorities because you've inadvertently funded North Korea or getting a massive exploit to your business, right? Which happens if you actually hire them. So upper funnel, I would say, use the basics as effectively as you can. So really lean into referrals because those tend to be based on a web of trust. They tend to be easy to do. And if you're not using them, you should force your team into a room and not let them leave until they've come up with three candidates that are good for the role. And they have a vested interest in the outcome, too, so it should be table stakes that every single company should be doing every single time they're recruiting for a role. Then you can also lean into the trust of the people in your network, so not only the team that's hiring, but also the people that you know, leaning into them and helping them source candidates.
And that's one of the things that we're also making easier to do at Icebreaker - the ability to kind of broadcast who you know and who you trust and then make it easy for other people to find them. There's another table stakes thing that I'm surprised more companies don't do, and that's just ensuring that they have some sort of verified profile that ideally is more than a single channel.
So first of all, just by saying, "this is my GitHub," that's not actually proving that they own that GitHub. You're simply showing me that you know about this GitHub. And secondly, GitHub and LinkedIn actually are fairly easy to spoof. You can recreate a GitHub and because there's no provable time on GitHub, you can actually trick GitHub into making it look like you've been active for years when actually you just opened this account a couple weeks ago. Recruiters should at least make them use something like an Icebreaker profile or another profile where it shows which accounts are actually verified when they're reaching out to candidates. And when they reach out to you and say "give me a link to your Icebreaker profile," nine times out of ten, they will not reply, especially if they are a scammer. So that's an easy way to kind of weed out a lot of the low quality scammers. But that's not 100%. So I think I'd say at top of funnel, that's kind of a good starting point. And then as you go deeper in the funnel, you can basically increase the resolution of your verifications.
We subscribe to this book Who for our hiring process.
So every single person that we interview goes through a very rigorous interview process. And one of those steps is interviewing with me, where I'd say, "who are the last five people you worked with, and what are they going to say about you when I talk with them?" And that becomes very difficult to spoof, because I'm actually going to go and talk with those people.
So the other thing you can do is get their references and then actually follow up with those references. And you learn a lot about people by following up with those references, obviously with their permission. The best people are going to give you those references, and just the ability to talk with a real person also can help establish their credibility as a real person themselves.
So I'd say that, you know, now by the time you do that step, there should be less than 1% fake profile rates. I think this is going to become a bigger and bigger problem, so there will occasionally be new tactics and surprises, but I think that, practically speaking, you can eliminate this problem by following some basic steps at each step in your hiring funnel.
Emma: Yeah, it was good to see that a lot of the initial feedback that Paul got was along the same lines that you're talking about, which is essentially referrals and identity verification. There were a handful of people that said you just should make everyone interview in person, which obviously isn't super feasible, although that is a pretty good litmus test. But to your point, like the deep fakes are either getting really good, or the recruiters are getting really bad. I don't think it's that the recruiters are getting bad. And especially with all of these jobs being remote, obviously the in person check isn't feasible.
So it sounds like the conventional wisdom, which I guess is a good sign for us that we're, you know, thinking along those lines is that the solution is literally referrals and power of trust and then, being able to do a robust identity verification.
Dan: Well, I do want to flag that when you recruit purely based on referrals then you do have a different problem, which is that you might end up attracting only a bunch of people that are kind of the same in certain ways. I don't think you ever want to close the door completely to people who are not direct referrals coming through the door, but that doesn't mean that you should suspend disbelief and not expect them to have their own network of people who can vouch for them. Even if you don't know them directly, you should be able to, with a couple hops, get to a place where you can connect with those people. And if they don't have that, then that's a big red flag. And obviously more junior applicants are going to have less developed professional networks, but they're still going to have a network. I think you can still tell a lot from the quality and the nature of the network they bring in figuring out who's not real at all.
Jack: Yeah, I was going to say it's basically just double down on the reference check, right? Like if somebody you don't know gets through to your interview stage and then you ask them, "give me the 5 most recent managers and what they would rate you," that has been illuminating for us every single time.
And it's hard to get to that question even. Like that question is really, to me, that's like the gauntlet. When Dan asks that question, I hide a little bit in the corner because I'm like, "man, that's a hard one." Like to walk through your last five managers and reflect on your performance... it definitely tells you a lot about that person.
It's just such a good question and a hard litmus test that I even find it hard to ask. So I'm always glad that Dan does ask that question. It leads us to find really amazing people that have great references, even if they are somebody that doesn't initially have shared trust with us. If they provide a really solid list for us to start with, then that's a signal in itself.
Emma: Yeah, networks are really just layered context that you get from an individual. To go back to the original story that we had, I think that was seen in this ironic way when we had two North Korean hackers connect with each other over Icebreaker. It's actually quite easy now, at least compared to a couple of years ago, to have a bot with its own bot friends and connections and network. It's a lot harder to spot. Like I remember in the early days of Twitter, it was really easy to see who a bot was because they basically followed a thousand accounts and had no followers, or had a few followers who were other bots, but now the tech is so much better and really pervasive. So, taking Paul at his word here, it sounds like for Morpho to suspect that there were 6 deep fakes out of the 30 interviews, they were at least good enough where you couldn't tell if it was a real person or not. The fact that they're just suspecting they aren't real people, but don't know for sure, shows me that we're maybe past that AI tipping point that, you know, we've been warned about for the last couple of years, which is crazy.
Dan: Yeah, and it'll get even crazier, too. I also wanted to briefly touch on another idea that's been brought up repeatedly, which is "can you just have a score or credential for people to determine if they're real or not?"
The scores are very tempting, especially in crypto. We have a lot of nerds, so we have a natural gravitation towards putting a number on things and calling it a win. Every score that we've seen in the past tends to lose its signaling value as it becomes more widely adopted. Basically, anything that you say is the measure then becomes gamifiable in one or more ways. Like maybe nobody's doing it now, but if it becomes preponderant, then there will be an incentive for people to game it.
And so I think it's a tempting, but also a very difficult means of determining who gets access to something. Especially also considering that some of the most talented developers, for example, tend to maybe be quieter and may not have the social presence or kind of onchain reputation that would permit a really high score. So sometimes these scores can turn into popularity contests and then you get the people who care rising to the top instead of necessarily the super qualified, talented people. So I think that's a challenge with scores, although they certainly can be useful as part of getting the picture of somebody.
And then the other idea, that I think is more of a potential right now, but we will see it play out, and I'm excited for that, is as we begin to have interoperable identity in a digitally verifiable way.
So what I mean by that is basically taking all of these offline and sort of closed networks that you're a member of, like your university, your alumni email, the fact that you graduated from a particular degree program. Most of the time you kind of have to take the candidate's word for it today, but we are quickly moving to a place, with all this great stuff around interoperable identity (and that's one of the reasons we're building Icebreaker), where you can basically take these pieces of data that exist offline or pseudo-online and make them digitally verifiable. So, just think about how much more powerful it will be when you're able to filter candidates and when you can easily check whether or not they have the diploma from the college that they say they do.
I think that's a big unlock too, that I'm excited to see manifest as we onboard more user data in a privacy-preserving way, where it can be digitally verifiable without having to contact the issuer of that credential like you do today, by calling up an employer or a college to verify whether what they're saying they did, they actually did. That will be possible to do basically permissionlessly, just when the candidate presents some cryptographically verifiable proof that allows you to establish yes, in fact, they do have a signature from MIT or from Google that says that they indeed worked here.
Emma: Can't come soon enough. Closing thought, Jack, we will be interviewing at some point in the future for another role. What are you taking away from this when you go and interview, since you don't want to ask the five questions about your last five managers and what they would rate you?
Jack: Yeah, I mean, I can't wait for the verification of credentials, right? Like I have "CEO of Google" as my title on LinkedIn, right?
Emma: You're a bad person to ask then, maybe.
Jack: No, I'm doing that as an example of identity! That anybody can say anything: if I can say that on LinkedIn, people are telling way more white lies than you probably think, so you have to take all of these profiles online with a grain of salt.
Emma: Okay, fair.
Jack: Skepticism is probably the right approach for every single profile. Humans are still smarter than AI, for now. You have to get the references. You have to ask the five reference question. Ask for the Icebreaker link to prove multiple account ownership. And I think that'll help you find the right person.
Emma: Fair enough. We might have to start requiring an Icebreaker link with at least five linked accounts to even get a first interview. This might be our sign.
Dan: Yeah, I was thinking the next job post, we should actually require Icebreaker for the first time.