AI scams are becoming harder for HR teams to spot, and the financial impact is growing. The scale of the problem is already significant: Forbes recently reported that the Federal Bureau of Investigation’s IC3 unit received more than 22,000 AI fraud complaints in 2025, with adjusted losses topping $893 million.
Scammers are using AI to send fraudulent messages, create fake candidates, and impersonate executives or employees. These attacks are becoming more realistic, more personalized, and more difficult to identify. As the technology continues to evolve, HR teams need strong verification processes and the ability to recognize clear warning signs to help stop them before they cause damage.
Spot Fake Applicants and Suspicious Communications
Traditional advice like “watch for typos” no longer works. As scams become more convincing, HR teams can no longer rely on instinct alone. Strong processes and careful verification are just as important as recognizing warning signs.
Watch for
Highly polished phishing emails that contain unusual requests, reference internal information the sender should not know, request sensitive data, or attempt to bypass normal procedures.
Messages, calls, or videos that appear to come from leadership and demand urgent action, confidential information, or exceptions to established processes.
Applicant profiles or resumes with inconsistent work histories, credentials that are difficult to verify, or vague descriptions of past experience.
Communications that look and sound like they came from your organization but originate from unfamiliar sources.
Trust the Process, Not the Message
Even the most convincing AI scam is far less effective when organizations follow clear verification procedures. Strong processes help reduce the risk that a single message, rushed decision, or moment of inattention leads to a costly mistake.
When evaluating candidates, verify identities through secure systems, confirm employment history through trusted sources, and ask follow-up questions about projects, timelines, and past responsibilities. These steps can help uncover inconsistencies that might otherwise go unnoticed.
If a request involves sensitive information, payroll changes, or exceptions to standard procedures, confirm it through a separate communication channel before taking action. Report suspected impersonation attempts to your IT or security team so they can investigate and help prevent future incidents.
When something feels off, pause. Trust your process, not your first impression.
Al Threats Evolve Rapidly: Keep Training to Stay Ahead
AI scams change quickly, making it difficult for HR teams to rely on outdated training or annual cybersecurity refreshers alone. Regular training helps employees recognize emerging threats, respond appropriately, and feel more confident when something does not look right.
Implement These Training Strategies:
- Offer short training sessions throughout the year on emerging AI scam trends
- Run realistic phishing simulations that reflect HR-specific scenarios
- Use real-world examples to help employees practice identifying suspicious activity
- Reinforce when and how employees should report potential scams
- Create a culture where employees feel comfortable pausing, asking questions, and verifying information before acting
Get Ahead of AI Scams With CBIZ
AI scams are not slowing down. Connect with a CBIZ advisor who can help you develop the right approach to help protect your organization.
Frequently Asked Questions
Always verify using a secondary, trusted channel: Call the employee using known contact info, require changes through a secure HRIS portal and enforce multi-step approval for payroll updates.
Scammers often target the information that can help them steal money, impersonate employees, or gain access to systems. That can include, changing employee direct deposit information, finding ways to gain access to Social Security numbers, bank account details, , benefits elections, tax documents, employee identification numbers, personal contact information, and login credentials. HR should treat requests involving this information as high risk, and should take additional steps to verify the request .
An effective response plan should not sit with HR alone. HR should work with information technology, cybersecurity, legal, compliance, payroll, benefits, communications, and leadership to define who reviews suspicious requests, who approves next steps, and who contacts affected employees if needed. Clear ownership helps the organization move quickly without creating confusion, overreacting, or missing important reporting obligations.
© Copyright CBIZ, Inc. All rights reserved. Use of the material contained herein without the express written consent of the firms is prohibited by law. This publication is distributed with the understanding that CBIZ is not rendering legal, accounting or other professional advice. The reader is advised to contact a tax professional prior to taking any action based upon this information. CBIZ assumes no liability whatsoever in connection with the use of this information and assumes no obligation to inform the reader of any changes in tax laws or other factors that could affect the information contained herein. Material contained in this publication is informational and promotional in nature and not intended to be specific financial, tax or consulting advice. Readers are advised to seek professional consultation regarding circumstances affecting their organization.
“CBIZ” is the brand name under which CBIZ CPAs P.C. and CBIZ, Inc. and its subsidiaries, including CBIZ Advisors, LLC, provide professional services. CBIZ CPAs P.C. and CBIZ, Inc. (and its subsidiaries) practice as an alternative practice structure in accordance with the AICPA Code of Professional Conduct and applicable law, regulations, and professional standards. CBIZ CPAs P.C. is a licensed independent CPA firm that provides attest services to its clients. CBIZ, Inc. and its subsidiary entities provide tax, advisory, and consulting services to their clients. CBIZ, Inc. and its subsidiary entities are not licensed CPA firms and, therefore, cannot provide attest services.















