Robots, Foreign Agents, and Frauds, Oh My! Navigating the 2026 Hiring Market

Five years ago, you could hire a great candidate by learning correct screening and interviewing processes. In 2026, that knowledge is secondary to another question: is the person I'm talking to real? If getting phished is bad, unknowingly hiring a foreign spy is atrocious.

But how can you tell? What if AI keeps improving? Do you really have resources to keep doubling the size of your hiring to-do list? Let's talk about ways companies are reducing time-to-hire while still hiring top (real and truthful) talent — faster than Dorothy could uncover the truth of the Wizard of Oz.

Search for duplicate LinkedIn profiles

A quick and easy check. Duplicates are a real signal that someone is impersonating another person. While you're there, scrutinize the profile itself: check the number of connections, and see if any of those connections share a similar work history or held roles at the same company during the overlapping time frame. Review the profile picture so you can compare it to what they look like in the interview. Do a reverse-image search to verify it isn't a generic photo pulled from a Google search.

Real professionals leave a real trail. Stolen or fabricated identities usually don't have the network density to back up the resume.

Ask in-depth work history questions in interviews

Ask questions like “What's a project you've worked on that you're most proud of?” “Which company were you at when you worked on it?” “Who else was on the team?”

As they answer, keep track. Do the stories hold together? Are there inconsistencies? Are the projects verifiable from public data? When they give you a colleague's name, ask how to spell it. Ask what that colleague would say about the applicant and the projects they describe. Imply you will be speaking with that person — not “if I were to talk to them.” A real candidate doesn't flinch at that. A fraudulent one starts hedging.

Cross-check work history

Consider calling companies they've worked at and asking, “I'm performing a background check for a potential employee — who could I speak with to verify this person was employed here?” If you can reach that person, ask for the applicant's manager or team lead, and ask to be transferred. Once you get them on the line, ask the manager to rate the applicant on a scale of 1 to 10, along with a list of strengths and weaknesses.

This step eliminates two common fraud vectors at once: lying about which companies they worked at, and giving fake phone numbers for “references.” If you only call the numbers the applicant provided, you might end up talking to an accomplice giving a glowing review — all staged. Going through the company's main line kills that.

Rule out the deepfake possibility

During a video interview, start by asking the applicant to do the following:

• Turn their head slowly side to side so you see a complete side profile. Watch for anomalies or distortions in the shape of their face as they turn.
• Hold up three fingers in front of their face. Verify their hand's skin tone matches their face, and look for any visual glitches as the hand moves.
• Slowly wave their hand in front of their face. Again, watch for distortion in the area the hand passes over.

Current deepfake technology doesn't perform well on these tests — most models are trained on front-facing data and break down on movement or angles. If an applicant refuses or gives an excuse, end the interview immediately and screen them out. A real person finds the requests odd but harmless. A deepfake operator knows exactly why you're asking.

Watch for suspicious activity during an interview

Interview cheating technologies are gaining popularity. Go look at the r/cluely subreddit for examples of people landing high-competition, high-comp roles by using these AI cheating methods.

During interviews, watch the applicant's eye movements. If their eyes move back and forth slightly during answers, they're likely reading something off the screen. Pay attention to response time — if there's always a delay at the start of their answer, or they use filler words like “that's a great question” to buy time, consider the possibility they're waiting for an AI-generated response. Ask yourself if their answers sound out of character or overly formal. Consider asking them to close their eyes while they clarify an earlier answer.

You can also force them to interact with their physical environment. Ask if there's an object near them with words on it. Have them pick it up and read something off of it to you on camera. A foreign agent likely won't have a casual object in the expected language sitting next to them.

GitHub account history

Look through the applicant's GitHub or other version-control accounts. Do they have starred repositories? Does their public commit history reflect the career they're claiming? Are they actually listed as contributors on projects they say they helped build?

Commit timestamps can also reveal time-zone mismatches. If they claim to be in North America but their commits consistently happen at 3 AM Mountain Time, that's a real signal. So are activity patterns: steady contributions over years look like a real career; bursts of activity in the weeks before applying look like portfolio padding.

Ask them to walk through code they've written

Once you're familiar with code they claim to have written, have them screen-share and walk you through it. Ask for details about why they designed things a certain way. Ask what they wish they'd done differently. Then have them rewrite a section, or add a small feature, test, or error-handling block.

Real authors remember their reasoning and can build on their own work. Candidates who copied or fabricated their portfolio collapse the moment they're asked to extend it.

Don't rely on a third party without training them on these principles

You need to feel confident your recruiters and third-party hiring partners are taking these risks into account. Companies paid to hire on your behalf are incentivized to fill the role quickly, and they can easily be deceived if they aren't analyzing applicants with this lens.

Similarly, train your employees: outsourcing their job duties is unacceptable, and sharing credentials is a fireable offense with no exceptions. This sounds obvious, but it's a real and growing pattern — an employee hires someone to do their work for them and hands over access to their accounts. Sometimes the employee doesn't even realize they've handed access to a fraud network.

I honestly hope these ideas are helpful as you look to refine your hiring processes. Think outside the box and stay aware of new fraud tactics. Most of all, never trust Glinda the Good Witch — she'll make you kill someone before revealing you had the tool to get home all along.