44% of candidates admit to lying on their resume. SquarePeg runs 11 fraud signals on every applicant in seconds - catching GPT-tailored resumes, fake LinkedIn profiles, VoIP burners, and identity mismatches at the application stage.
Each signal is checked against external data the candidate cannot manipulate. Each comes with a written explanation of what triggered it. Filter the candidate list by Low or Mixed authenticity confidence and review the flagged subset first.
URL checked against SquarePeg's 400M+ profile database. Fabricated URLs that do not appear in the comprehensive graph are flagged.
Real senior professionals with five-plus years of experience usually have 300+ connections. Under 100 is a strong fraud signal in technical recruiting.
Missing or stock-photo profile pictures. Real US professionals nearly always include a photo.
Voicemail-only, toll-free, or NonFixedVoIP carriers. NonFixedVoIP is the classification used by Google Voice and TextNow, common in fraud-ring submissions.
Phone numbers with no real call activity in the past 12 months are flagged as likely-burner.
Improperly formatted, disconnected, or unable-to-receive-calls numbers are flagged.
Carrier-registered name does not match the application name. The strongest single signal in the SquarePeg signal set for catching identity-fraud applications.
Email addresses that first appeared in public records less than three months ago are flagged.
Email registration name does not match the application name. Catches identities laundered through borrowed email accounts.
Mailinator, Guerrilla Mail, 10MinuteMail, and similar low-reputation providers are flagged.
Resume mirrors the JD's structure, vocabulary, and skill ordering with statistical precision. The canonical signal for GPT-tailored resumes.
A careful read catches 30-40% of fakes. The other 60% require external data lookups you can't run by hand on every applicant.
| Capability | Manual review | SquarePeg |
|---|---|---|
| LinkedIn URL validation against full graph | Open URL, eye-test | 400M+ profile database |
| LinkedIn connection count check | Manual click-through | Automated |
| LinkedIn photo and engagement check | Manual click-through | Automated |
| Phone carrier classification | Not feasible by hand | Automated |
| Phone-registered name vs application name | $1-2/applicant paid lookup | Included |
| Phone call activity check | Not available | Automated |
| Email provenance and registration check | Not feasible by hand | Automated |
| Disposable email provider detection | Recruiter memory | Automated |
| Resume-JD alignment scoring (GPT signal) | Eye test only | Statistical |
| Time per applicant for full fraud check | 10-20 minutes manually | Seconds |
| Coverage across the applicant pool | Top of stack only | Every applicant |
| Pattern detection across applications | Impossible by hand | Surfaces fraud rings |
| Audit trail for compliance | Inconsistent | Glass-box explanations |
| Pricing | Recruiter time + paid lookups | $100/mo, ~10-15c per applicant |
Most teams expect the fraud rate to be 1-3%. The actual rate is usually 8-22%, depending on role type and seniority. A few patterns from real applicant pools.
Remote senior engineering role, 200 applicants. 28 of the 200 flagged on at least two signals in the first 72 hours. The pattern: VoIP phone numbers registered to a small set of US co-conspirator names, LinkedIn URLs that failed validation against the 400M+ profile database, and email addresses that had appeared in public records within the last 60 days. Three of the candidates had identical resume structures across different "names." All 28 dropped before any phone screens.
Backlog audit on 1,200 applications. A mid-stage SaaS company ran SquarePeg against four months of accumulated applications. 14% of the applicants flagged on at least two signals. The most common combination: invalid LinkedIn URL plus disposable email plus excessive resume-JD alignment - the textbook GPT-generated application from a fake identity.
Non-technical role at a mid-market SaaS company. 4 of 100 flagged - a much lower rate than engineering. But all four flagged applicants had used the same disposable email provider and submitted resumes within a 36-hour window. This was a small fraud ring testing the company's defenses. It would have gone unnoticed without the pattern detection.
The pattern is consistent: fraud is heaviest on remote technical roles for recognizable brands, lighter on local non-technical roles, and almost always higher than you'd expect. The 11 signals catch the patterns at the application stage, before any time is spent on phone screens.
Catches some obvious cases. Misses the bulk of fraud because the strongest signals (Phone Name Mismatch, LinkedIn graph membership, resume-JD alignment) are invisible to the eye. Falls apart at any volume above 50 applicants per role.
Catches identity fraud, but only after weeks of interview time have been invested in the candidate. Useful as a final layer, not as the primary detection mechanism. Catch fraud before it consumes your recruiter and hiring manager time.
Two complementary layers. SquarePeg flags 11 signals on every applicant in seconds, before any human time is spent. Background checks verify identity before the offer goes firm. Most fraud gets caught on the SquarePeg layer and never reaches the background check.
11 fraud signals. Glass-box scoring. Works on 95+ ATSes via Chrome extension.
Start free with 2,000 credits · 5-minute setup · 95+ ATSes supported