Resume fraud in the AI era
A Greenhouse report found 91% of US hiring managers have encountered or suspected AI-generated interview answers during online meetings. Recruitment scam losses hit $501M+. The resume, as we knew it, is finished.
The numbers that should worry every hiring team
- 91% of US hiring managers encountered or suspected AI-generated answers during interviews (Greenhouse,).
- 50% of businesses have encountered AI-driven deepfake fraud in some form (CBS News).
- 6% of job seekers admitted in a Gartner survey to interview fraud — proxy interviewers or impersonating someone else.
- 62% of hiring professionals admit candidates fake faster with AI than recruiters detect.
- $501 million+ recruitment scam losses, up from $90M.
- The DOJ's recent actions against North Korean IT-worker schemes searched 29 laptop farms across 16 states. The FBI has documented 300+ US companies that unknowingly hired operatives using stolen identities and AI-generated personas.
The pattern is consistent: detection is losing. Generation is winning. The resume — a self-reported document with a contact list of references — was never adversarial-resilient. AI made it indefensible.
The four classes of resume fraud
Fabricated experience. AI generates a credible employment history at a company that exists. The reference checks are the only defense, and references are increasingly compromised by AI voice clones.
Augmented portfolio. Real candidates pad portfolios with AI-generated work — designs, code, writing samples — claimed as their own. Detection is currently below 60% even with specialized tools.
Proxy interviews. Candidate A applies, Candidate B (a more skilled stand-in) takes the interview via deepfake mask or proxy. The hire then performs at A's level, not B's.
State-backed identity laundering. The North Korean IT-worker scheme: real talent, stolen identity, AI-generated face for video calls. The work product is real. The person collecting the salary is not who the company thinks.
Why background checks no longer suffice
Background-check vendors verify what databases say about a name. None of the major US providers verify that the person on the call is the person whose name is in the database. The check confirms an identity exists. It does not confirm continuity from background to interview to first day of work.
The continuity gap is where fraud has migrated. Hiring teams have responded with surveillance — recorded interviews, behavioral analysis, in-person final rounds — which adds cost without closing the gap.
The fix: cryptographically attested work history
The structural answer is to invert who creates the resume. Today, the candidate writes it. Tomorrow, the work itself signs the resume.
HATI Layer 3 — work attestation — produces a cryptographic record at the moment work is done. Code commits, design files, contracts, decisions, agent supervisions: each carries a signature from the human who authored, supervised, or directed it. By the time the candidate applies for a role, their work history is a tamper-evident graph that recruiters can verify directly. No reference call to a number that turns out to be a deepfake. No portfolio site that turns out to be AI-generated. The proof travels with the work.
The candidate controls disclosure. They can prove "I led this product launch" without revealing salary or current employer. They can prove "I shipped this codebase" without surfacing private repository internals. The verifier learns exactly what they need to learn — and nothing more.
What to do this quarter, by role
If you are a Head of Talent: add Manav delegation to your applicant tracking system. Candidates who choose to share verified work history get a fast lane. Candidates who don't are not rejected — but you ask sharper interview questions about the unverifiable claims.
If you are a job seeker: start attesting now. The browser extension stamps your code commits, design files, and document edits. Twelve months from now, your verified work graph is a serious differentiator. Twenty-four months from now, it is table stakes.
If you are a CISO: the deepfake-hire risk is your problem, not just HR's. Treat new-hire identity verification as a Layer 1 (verified human) plus Layer 3 (verified work history) requirement. Document the controls before your insurer asks.
If you are a regulator: recognize that hiring fraud is now infrastructure-scale, state-sponsored in its most serious form, and outside the scope of background-check compliance regimes. The next round of standards will need to include cryptographic continuity from claim to work product.
Common objections
Two pushbacks we expect. Won't this slow workers down? First delegation prompt costs 90 seconds; allowlisted scopes vanish after that. Won't employers weaponize the audit trail? The protocol design — selective disclosure, user-owned wallet, explicit non-features around compensation and termination cause — addresses the most cited abuse paths.
Frequently asked questions
Does this change my employment contract? Yes, slowly. Expect a paragraph in salaried offers above $80k specifying role-declaration on AI-augmented work, audit-log retention, and IP attribution. The clauses look like the GDPR paragraphs every contract has carried for years — boring, ubiquitous, structurally important.
What about people who don't use AI? They keep working without changes. The protocol is opt-in at the action layer; an unsigned action is the default for any human who has not enrolled an agent. Adoption follows incentives, not mandates.
What happens to my work history when I change jobs? It stays with you. The attestations your employer signed are bound to your DID, not their tenant. The next employer can verify them in seconds; you can revoke their visibility at any time.
Where to start
From here, deepfake hiring playbook sets the broader work-history substrate and how to prove human 2026 addresses the hiring-side mechanics. Read those together and the policy questions get a lot more answerable.
The resume of will be a verifier, not a document.
The transition is uncomfortable for incumbents — LinkedIn, the background-check industry, and the assessment vendors all lose pricing power when the work signs itself. The transition is necessary because the alternative is paying $501 million a year, and rising, to fund the people who got hired by lying about who they were.