‘This is the real long COVID’: Remote jobs, fake resumes and Soham Parekh
Soham Parekh worked at no fewer than four Silicon Valley startups at the same time, including fintech giant Brex. For Startup Nation, the case is a reminder of the exploitation risks of remote work, and why both hiring and engagement safeguards must evolve in the age of AI.
The name Soham Parekh became notorious overnight when it came to light that the Indian software engineer had been duping Silicon Valley by secretly holding multiple full-time jobs, including one at fintech giant Brex. The case sounded the alarm on the darker side of remote work. At best, these cases are a theft of company time and a clear conflict of interest. At worst, they provide a way to infiltrate a company and exfiltrate its IP.
With the normalization of remote work (and now the rise of AI), Startup Nation, like tech sectors across the globe, has had to wise up to a new generation of threat actors.
The foremost challenge is that as hiring becomes increasingly digitized, it is getting harder to verify whether the person on the other side of the screen is who they claim to be. “The border between real and fake is a little bit blurred right now,” Niv Amitay explained to CTech.
Amitay is the AI Gen Team Lead at Clarity, a Tel Aviv-based startup developing tech to detect deepfakes in real time. “There is now a new threat for organizations: applying to the hiring process with another identity,” he continued. “Social engineering is a new way of attacking companies.”
When it comes to the scope of the threat, Amitay explained that cloning has become so advanced and accessible that even a quick phone call (like answering a spam call) can give attackers enough material to replicate someone's voice.
“Today there is a lot of free and premium and even better software in subscription, like HeyGen, like Elevenlabs that allows you to use any other voice, any other image and any other video to pretend to be someone else,” he said.
He cited a report published by Unit 42, the intelligence arm of US cybersecurity giant Palo Alto Networks, which details how IT workers linked to North Korea’s regime have carried out fraudulent work infiltration schemes.
Amitay highlighted one case in which the group used deepfakes and fake credentials to land an IT role at KnowBe4, a prominent cybersecurity awareness training company. “They passed through all the direct process with fake identity, fake voice and fake interview,” Amitay said. “They actually got a computer by post mail and got access to all the company resources.”
2 View gallery
Left to Right - Eyal Bar Oz, Eyal Zukerman, Niv Amitay
(Credit: PR, Extra Mind PR, Clarity)
In terms of the Parekh case, Amitay noted that while his identity is likely too well-known to use again – “I think right now he’s so famous, nobody will take him again” – his concern is how easily someone else’s can be adopted to pull off similar instances of workplace fraud.
Thus, Amitay urges HR leaders in Israel’s high-tech sector to take the threat of candidate deception seriously, particularly the rise of deepfakes, and to calibrate their screening protocols to meet the realities of today’s riskscape. “Every hiring manager should watch a candidate and see if it’s a real person,” he said. “Ask the candidate to turn their head right and left, move their hand slowly in front of their face… ask questions from the CV or LinkedIn – something only the real person would know.”
Similarly, Eyal Zukerman, Senior Director of People and Culture at BigID, cautions that no company should take its immunity to identity fraud for granted. “Don’t tell yourself that this is not going to happen to me,” she said. “Keep your eyes open and adjust your screening and your verification.”
At BigID, a global data intelligence company headquartered in Tel Aviv and New York, Zukerman said the company has been considering these challenges long before the rise of AI, and particularly during the remote-first shift of COVID.
“Even before we encountered these new challenges, it was obviously a challenge managing remote work across different sites and different cultures, and verifying the qualification and the identification of our employees,” she said.
Part of the response has involved adapting their screening methods to account for the rise of AI capable of generating a deceptive standard of work that belies the true capabilities of the candidate in question.
“We needed to add more to the screening to verify that they didn’t just use those tools,” said Zukerman. “We give home tasks, but everyone can use AI tools to do that. So we adjusted the tasks themselves… and also we follow it up with face-to-face interviews. We ask about the reasoning and why you used that.”
She continued: “At BigID, we are in the business of supplying our customers with data security, and so we have to hold ourselves to higher standards in order to not put them at risk, and then obviously not internally put BigID at risk.”
Zukerman said that while BigID hasn’t had a case of an imposter making it through, there have been some red flags. “I’ve seen people present tasks… and when I ask them a simple question, they don’t know how to answer. Obviously they had someone else do it for them,” she said.
“And I did encounter one or two cases where we went back and verified and this person had a very different history, let’s just put it that way, than what he presented to be.”
Still, for some high-tech professionals, the conversation and the solutions to overemployment benefit from a more nuanced view, especially in light of its growing prevalence. While he admits that fraud aimed at stealing company information is “a different topic,” Eyal Bar Oz, CEO of Webiz, an AI-powered recruitment and outsourcing platform with 300 employees worldwide, sees overemployment as a symptom of a broader workplace reality, one to be understood and worked with rather than condemned outright.
“I think this is the real long COVID. The long COVID of the work environment,” Bar Oz said. “When you’re working full time from the office five days a week, it’s almost impossible to have another job… When you are working from home, actually you can do whatever you want. You have the flexibility to jump one hour here, one hour there.”
One of the ways Webiz has adapted is by offering freelance-mode contracts and trying to redirect excess hours back into the same client, rather than losing them to another employer.
“We said, okay, if he wants to work extra time, let’s try to sell those extra hours to the same client instead of trying to work in other places,” he continued. “Let’s be honest about that… If we’re finding you a client, let’s be sure that we know what else you are doing.”
For Bar Oz, getting to the root cause driving moonlighting is arguably more important than enforcing consequences. “You need to understand the motivation… If it’s because they’re not getting enough salary, okay, let’s try to solve the problem,” he said.
He added that another part of the solution lies in fostering stronger connections with remote employees. “The engagement is the place that needs more investment these days because of lack of presence in the office,” he said. “When something is far from the eyes, it’s far from the heart.”
That means making a conscious effort to help remote workers “feel that they're part of the company.”
Reassuringly, however, for Startup Nation, Bar Oz believes Israel is less affected by time theft and overemployment than other regions, with employees typically remaining loyal to a single workplace. “I don’t think it happens a lot in Israel. Percentages are super low,” he said. “I think that’s why Israel is so successful in this aspect. Because the people are more focused… they’re doing it with 100% attention to one company and not splitting the attention, the effort, the time.”
