AI scams and fake CVs are a threat to Yorkshire HR operations: Dan Hindley

The alarming rise in AI-driven scams and fraudulent CVs presents a significant cybersecurity challenge, with implications for businesses across the region.

AI technology has made it easier for cybercriminals to exploit recruitment channels and has subsequently created a surge in AI-generated fraud.

A significant 44 per cent of 1,001 UK-based HR professionals that completed the survey conducted by Censuswide, reported encountering fraudulent job applications, with 35 per cent noting applications containing malicious links or attachments. This exposes organisations to phishing attacks and potential data breaches.

Alarmingly, 66 per cent of respondents have come across AI-generated CVs, over half of which were fraudulent. The problem extends to professional networks like LinkedIn, where 48 per cent of HR professionals interacted with profiles that were later deemed fake. These incidents highlight the sophistication of modern cyber threats, putting HR departments at the frontline of defence.

Despite their role in safeguarding sensitive company data, many HR teams note a lack of adequate cybersecurity training. Over 41 per cent of HR professionals believe their employees are negligent about cybersecurity policies, and 59 per cent admitted that staff often bypass these policies to expedite work.

And while regular training is vital, only 40 per cent of organisations conduct quarterly cybersecurity awareness sessions. Even more concerning, 16 per cent of companies train their staff less than once a year, leaving significant vulnerabilities unaddressed.

The research found that 82 per cent of HR professionals have experienced a cybersecurity incident in the past year, ranging from phishing attacks to data leaks. However, 40 per cent of organisations lack a formal incident response plan, leaving them ill-prepared to mitigate the impact of such breaches.

With over half (57 per cent) of businesses experiencing cyberattacks stemming from employee error, it’s clear that stronger safeguards are needed, including robust protocols and increased vigilance during the recruitment process.

To address these pressing challenges, Yorkshire organisations should consider enhancing cybersecurity training with tailored, frequent training sessions that can equip HR and recruitment teams with the skills to identify AI-generated fraud and phishing attempts.

In addition, with AI increasingly used to generate fake applications, businesses should adopt AI-based tools to flag and mitigate fraudulent CVs and profiles as well as establish and regularly update response protocols. This can help businesses react swiftly to minimise damage from cyber incidents.

Finally, closer partnerships between HR, IT, and security teams can strengthen threat detection capabilities and improve overall cybersecurity resilience.

Yorkshire’s vibrant business community is no stranger to innovation; however, the rising threat of AI-driven scams demands immediate action. By bolstering training, adopting cutting-edge technology, and fostering collaboration, Yorkshire businesses can turn HR departments into an important line of defence against cyber threats.

Investing in these measures not only protects sensitive recruitment channels but also fortifies the organisation’s broader security culture, ensuring that businesses remain secure as they continue to innovate.

Dan Hindley is Senior Director of Sales for the UK&I for KnowBe4