Introduction
Amid rising adoption of GenAI by both candidates and employers, a disturbing trend has emerged: Organizations have inadvertently hired remote IT workers based in North Korea.1 However, fraud is not exclusive to candidates in sanctioned countries who may hide their location or submit false ID documents. Gartner inquiry indicates growing concern from recruiting leaders over candidates who lack the necessary skills and qualifications using GenAI or deepfakes in interviews and assessments.
While lying on a resume is not new, improving output from GenAI coupled with location hiding and stolen or fake identities make it easier for candidates to deceive employers. This exposes organizations to a wide range of legal, financial and cybersecurity risks and threatens the ability to attract and hire high-quality talent with the right skills.
However, existing approaches to asking candidates for identity information and carrying out background checks are not sufficient to mitigate these contemporary threats. The 2024 Gartner Recruiting Innovation Survey showed that only 7% of recruiting leaders were then using identity document validation software during the recruitment process. Yet 54% of those survey respondents agreed that advances in technology make candidate fraud a larger problem than it was just two years ago.2
Recruiting leaders must deploy automated identity verification (IDV) technology early in the recruiting process and strengthen background checks to include geolocation and digital identity footprint checks. In addition, assessments must be carried out more rigorously to include proctoring and to mitigate against unpermitted use of GenAI tools. Finally, a broader cross-functional strategy is required to address the inevitable risk of fraudulent hires, which must focus on monitoring anomalous activity after onboarding.
Figure 1 outlines the impacts of candidate fraud via AI, and Gartner’s top recommendations for recruiting leaders.
Figure 1: Impacts and Recommendations for Recruiting Leaders

Impacts and Recommendations
Remote Roles Face Rising Risk of Candidate Identity Fraud
Candidate fraud is on the rise. For example, organizations have unknowingly hired skilled remote IT workers based in North Korea.3 Typically, these employees rely on U.S.-based laptop farms, install unauthorized software and log in via VPN. This is not exclusive to North Korea, nor is it exclusive to IT workers.
Organizations may detect unusual or suspicious activity on a user’s account shortly after hiring, or note inconsistencies in where the employee is logging in from. The employee may avoid being on camera for meetings or alter their appearance via AI. Other organizations have uncovered inconsistencies in the candidate’s address and work history between the background check results and what was supplied on the resume, or the candidate’s address may not correlate to a residential address, or the address history does not align with the candidate’s name.
To prevent fraudulent candidates from receiving offers of employment, recruiting leaders must deploy IDV early and often in the recruiting process.
— Gartner
Identity verification tools provide assurance that a real-world identity exists, and that the individual claiming the identity is its true owner and is genuinely present during the digital interaction.
IDV capabilities at their most basic combine a photo ID and a selfie to confirm document authenticity and ownership between the person and the document, to assure that a real-world identity exists and that the genuine owner of that identity is present (as shown in Figure 2). Users are able to complete this process via a smartphone, laptop or tablet. IDV capabilities often include location intelligence to assess the location of a user’s device and correlate it against the presented ID. For more, see Magic Quadrant for Identity Verification.
Figure 2: Five Steps in the Identity Verification Process

Recruiting leaders should deploy IDV capabilities during the video interview stage, and/or during candidate assessments or tests. However, due to the sophisticated nature of these scams, a single instance of verifying identity may not be sufficient. Organizations should also consider verifying identity and confirming location prior to asset provisioning and giving new hires access to company laptops or data, as gaining access to company IP is naturally a riskier moment.
Despite the recruiting function’s best efforts, recruiting alone will not be able to catch every instance of candidate fraud. Recruiting leaders should work with legal counsel to figure out where in the recruiting process is best to verify identity to minimize the possibility of hiring discrimination based on candidate documentation. IDV tools that handle the verification process are attractive because they remove the responsibility of viewing documents from the hiring manager or interviewer to a third-party vendor, thereby reducing the likelihood of potential discrimination or documentation impacting hiring decisions. When evaluating IDV vendors, an organization must carefully scrutinize vendor fit in its own approach to addressing bias introduced by AI. For more, see Mitigate Bias From AI in HR Technology.
Recommendations:
Deploy identity verification tools earlier in the recruiting process.
Partner with IAM leaders to evaluate existing IDV tool suitability.
Partner with legal counsel on when in process to verify identity so that it doesn’t influence hiring decisions or introduce potential for discrimination.
Standard Screening and Background Checks Will Fail to Verify Identity
Many organizations use background checks as part of their recruiting and pre-onboarding processes. These include criminal background checks, employment verification or work authorization compliance. Background checks may be initiated prior to employment as part of a conditional offer of employment.
However, background checks are not designed to verify identity; rather, they are intended to verify employment and background history, clear criminal checks, and confirm whether the person is legally authorized to work in that geography. Moreover, they rely on candidate-supplied information, which can be stolen or falsified.
Organizations that have unknowingly hired fraudulent candidates have discovered inconsistencies with associated addresses and locations listed in the background check versus what was listed in the resume. Some have discovered that the listed home address does not correlate to a residence via further investigation on maps. Such discovery requires a more consistent, diligent and careful review of the applicant’s entire history, resume and background, which may go beyond what existing background check vendors offer. Some organizations have taken this further to verify a consistent digital identity through personal and professional social media checks.
Although inconsistent, nonexistent or recently created social media profiles can be a sign of a fraudulent candidate, they may actually be valid. Social media checks alone are therefore not sufficient, and should be only part of a broader strategy to mitigate fraud. Moreover, social media checks are typically conducted to look for hate speech, bullying or online behavior inconsistent with company values, and are not designed to verify a consistent identity. The absence of a digital footprint shouldn’t be automatically suspicious, but a digital footprint inconsistent with the resume (e.g., location, education) should be cause for further clarification.
Recommendations:
Evaluate existing background-check vendors for identity verification capability. Prioritize geolocation capabilities.
Strengthen existing screening and background-check processes by cross-referencing resumes against background-check results or checking address history.
Consider checking for a consistent digital identity by reviewing personal and professional social media accounts.
Improvements in GenAI-Created Content Will Lead to Increased Fraud by Candidates Who Lack Necessary Skills
Candidate Use of GenAI Is Rising
Use of GenAI in the recruitment process by candidates is on the rise, as 39% of candidates stated they had used ChatGPT or other GenAI capabilities during the application process. Widespread availability and improvements in output are driving rising adoption. GenAI is often used to assist in writing cover letters and resumes, though it can be also used for a writing sample. Among candidates who have used GenAI during the application process, 36% of candidates admitted to using AI to generate text for a writing sample.4
However, use of GenAI can extend beyond just the application, with reports of candidates using it in the interview and assessment phase. Candidates may use GenAI capabilities during video interviews to transcribe questions and supply answers. Candidates may ask for the question to be repeated, and then answer as if reading from a script. Candidates can also use GenAI to alter their appearance or sound on video, to hide a proxy who may be standing in for a candidate. In the 2024 Gartner Voice of the Candidate Survey (Q2), 7% of candidates admitted to participating in interview fraud, which may include completing a job interview by pretending to be someone else and/or having had someone else complete a job interview on their behalf.5
Skills Assessments to Mitigate Fraud
While many organizations turn to skills assessments as a means of mitigating fraud, candidates may also use GenAI for answers to those assessments. Of the candidates who have reported using GenAI during the recruiting process, 29% said they have used GenAI to get text for answers to questions on an assessment.
Various types of assessments can be deployed, including skills assessments, realistic job previews or work samples, proctored tests, or live coding interviews. For example, a dedicated submarket of assessments and interview platforms is used for highly competitive software developer roles. The platforms often include live interviewing capabilities and a real-time programming environment for candidates to use (see Market Guide for Developer Skills Assessment and Interview Platforms).
Many assessment platforms have prebuilt capabilities to mitigate cheating, such as question randomization, answer randomization, timers, or limits on opening other windows to copy and paste answers. Alternatively, job previews and work samples to show necessary skills and capabilities in real time can serve as a counter to assessment fraud.
Candidate use of GenAI capabilities across application, interview and assessment stages necessitates multiple mitigation strategies. Repeated IDV checks throughout the process may address proxies and stand-ins for interviews, while proctored tests and live assessments can serve to confirm candidates have the necessary skills during the assessment phase. Live assessments often require photo ID and that the test taker remains on camera.
Transparent AI Use Policy
Some candidates may see the use of GenAI as a way to level the playing field as the job market and selection processes have become more complex and competitive. As recruiters use GenAI to improve efficiency, and as consumer tools like ChatGPT have become broadly available, assume that candidates are also using GenAI during the recruiting process. As organizations adopt GenAI capabilities to augment work, they should communicate their GenAI use policy to candidates in the recruiting process, and consider evaluating candidates on their ability to complete tasks both with and without GenAI assistance.
Recommendations:
Consider assessments, work samples or proctored assessment to prove candidates have necessary skills and abilities.
Train interviewers to watch for inconsistencies in candidate appearance in video interviews. Insist on clear candidate visibility.
Communicate openly with candidates regarding expectations and philosophy on GenAI use at work and during the interview process. Inform candidates of policy and clearly state the expectation that it is not used in the interview or assessment.
Organizations Must Have a Multilayered Fraud Mitigation Strategy
With means and motive, candidate fraud will continue. This is exacerbated by the rapid evolution and easy availability of GenAI tooling, coupled with global instability, economic uncertainty, limits on immigration and a desire for higher wages. Organizations must have a multilayered mitigation strategy against candidate fraud. Recruiting leaders play a vital part in the first step of this strategy. However, even with improvements to make recruiting processes more resilient, recruiting alone cannot detect every fraudulent application. This presents an ongoing cybersecurity, legal and financial risk.
Recruiting leaders must work with IT leaders, cybersecurity teams, and managers to create a culture that recognizes that fraud mitigation is a team effort that continues postemployment. Recruiting leaders should partner with stakeholders in both HR and cybersecurity teams to create a cross-functional insider risk management program. Such a program requires coordination among HR, IT and cybersecurity leaders, legal, finance, and corporate (physical) security.
Cross-functional risk management programs should collaborate to develop a broader organizational strategy to mitigate the risk of candidate fraud. They should consider periodic reverification of identity, especially during higher risk events such as change of address, phone, email or bank account. Additionally, cross-functional risk management programs may consider deploying insider risk management solutions and tools (see Market Guide for Insider Risk Management Solutions) that focus on identifying anomalous employee behavior with respect to system access and application use. These solutions are used to prevent IP theft, data exfiltration, planting of ransomware and illicit financial activity.
Build trust by transparently communicating employee monitoring and verification activities such as this, with clear justification so that the workforce understands that the intention is to protect the organization and its viability from a possible minority of bad actors. A clear distinction should be made from this kind of risk monitoring versus different types of monitoring of remote employees to ensure that they are at their desks or working their contracted hours.
Recommendations:
Improve resilience by accepting that recruiting alone cannot prevent all cases of candidate fraud. Complement strengthened screening processes with continuous postemployment monitoring of anomalous account activity.
Partner with other HR leaders and line managers to create a culture that recognizes fraud mitigation as a team effort, and that one function alone cannot be solely responsible.
Join a cross-functional insider risk management program with cybersecurity leaders to introduce periodic reverification of identity at high-risk events in the employee life cycle, balancing the needs of cybersecurity and employee experience.