Remote Engineering Hiring

Catch remote hiring fraud before the first interview

GPT-written resumes. Fake LinkedIn profiles. Stolen identities. SquarePeg runs 11 fraud signals on every remote applicant in seconds - before you spend any interview time.

Start free with 2,000 credits

What's actually showing up in your pipeline

Remote engineering roles attract 3x more fraudulent applications than in-office roles. 14% of remote technical applicants show at least one strong fraud signal.

Four patterns make up most of it:

  • GPT-written resumes mirrored to the job description, generated in seconds, indistinguishable by eye.
  • Fake LinkedIn profiles with stock photos, low connection counts, or URLs that don't resolve to a real profile.
  • Stolen or borrowed identities where the phone, email, or LinkedIn is registered to a different name than the application.
  • Coordinated fraud rings submitting dozens of applications under different names from the same operator.

A fraudulent engineering hire averages $50K in wasted interview cycles, severance, and time-to-fill. A fraudulent hire with access to your codebase costs more than that. Catch it at the application, not at the offer.

What SquarePeg runs on every remote applicant

Each signal checks external data the candidate can't manipulate - LinkedIn graphs, carrier records, email provenance, resume structure. Signals most relevant to remote fraud are first.

1
LinkedIn Validation

URL checked against 400M+ profile database. Fake profiles that don't exist in the graph get flagged.

2
Phone Name Mismatch

Carrier-registered name doesn't match the application name. The highest-fidelity signal for stolen and borrowed identities.

3
Unusual Phone Type

Voicemail-only, toll-free, and NonFixedVoIP carriers (Google Voice, TextNow) used to fake US-area-code numbers from anywhere.

4
Low LinkedIn Connections

Profiles under 100 connections. Real senior engineers in US tech almost always exceed this.

5
Limited Phone Activity

No real call activity in the past 12 months - likely a burner number provisioned for the application.

6
Limited Email Activity

Email first appeared in public records less than 3 months ago - newly spun-up for the application.

7
Email Name Mismatch

Email registered to a different name than the application. Catches borrowed email accounts.

8
Resume-JD Over-Alignment

Resume mirrors the JD with statistical precision. The canonical signal for GPT-written applications.

9
Missing LinkedIn Photo

No photo, stock photo, or AI-generated photo. Real US-based senior engineers nearly always include a real one.

10
Invalid Phone Number

Improperly formatted, disconnected, or unable to receive calls.

11
Disposable Email

Mailinator, Guerrilla Mail, 10MinuteMail, and similar throwaway providers.

The fraud is designed to defeat the eye

Catching it requires external data lookups - LinkedIn graphs, phone carrier records, email provenance - that no one runs by hand on every applicant.

What you can't catch by eye

Manual review limits

  • VoIP numbers look identical to mobile numbers in your ATS
  • Fake LinkedIn URLs look real until you search the graph
  • Disposable emails look like normal emails
  • Stolen identities pass IP, area code, and ID checks cleanly
  • Deepfake video has improved enough to pass video screens
  • GPT-resume detection requires statistical measurement
What SquarePeg automates

11 signals on every applicant

  • LinkedIn URL validated against 400M+ profile graph
  • Phone carrier classification, registered name, call activity
  • Email provenance and registered-name checks
  • Resume-JD alignment measured statistically
  • Glass-Box scoring with reasoning on every flag
  • Filter by Low or Mixed authenticity in seconds
  • Pattern detection surfaces coordinated submissions

Manual remote engineering screening vs SquarePeg

Capability Manual review SquarePeg
Validate LinkedIn URL against full profile graphCannot do at scale400M+ profile database
Phone carrier classification (NonFixedVoIP detection)No native ATS supportYes, on every applicant
Phone-registered name vs application namePaid lookup, $1-2/applicant manuallyIncluded
Email provenance check (public records age)Not feasible by handYes
Email registration name vs application nameNot feasible by handYes
GPT-tailored resume detection (Resume-JD alignment)Eye-test only, unreliableStatistical, on every resume
Time per applicant for full fraud check10-20 minutes manuallySeconds
Coverage across the applicant poolTop of stack onlyEvery applicant
Pattern detection across applicationsImpossible by handSurfaces fraud rings
Written explanations for each flagRecruiter notes onlyPer-signal reasoning
Audit trail for complianceInconsistentGlass-box, NYC LL144 / EU AI Act ready
ATS coverageWhatever ATS you're in95+ ATSes via Chrome extension
SetupHire more recruiters5 min Chrome extension
PricingRecruiter time + lookup credits$100/mo, ~10-15c per applicant

Pick where you want to start

High-volume remote roles

Turn fraud detection on every applicant

Engineering, support, and ops roles getting 100+ applications. Run the 11 signals on every applicant, filter to Low or Mixed authenticity in one click, work the clean pool first.

Critical access roles

Catch identity fraud before the codebase

Engineering hires get access to source code, infrastructure, and customer data on day one. Phone Name Mismatch and LinkedIn Validation flag the riskiest candidates before any interview gets scheduled.

Compliance audit trail

Explainable flags for every decision

Glass-Box scoring with per-signal reasoning produces the audit trail NYC LL144 and EU AI Act require. Every flag has a written explanation. Every reject is defensible.

Frequently asked questions

What kind of fraud is showing up in remote hiring?
Four patterns make up most of it. GPT-written resumes generated in seconds and indistinguishable by eye. Fake LinkedIn profiles with stock photos, low connection counts, or URLs that don't resolve. Stolen or borrowed identities where the phone or email is registered to a different name than the application. Coordinated rings submitting dozens of applications under different names from the same operator. The FBI has issued multiple advisories about state-actor versions of this targeting US tech companies.
How does SquarePeg flag a fraudulent applicant?
11 signals run on every applicant: LinkedIn URL validated against a 400M+ profile graph, phone carrier-registered name vs. application name, phone activity history, email provenance, email registered name, resume-JD alignment, and more. Each signal flags independently. You can filter by Low or Mixed authenticity confidence in one click. For remote engineering specifically, the strongest signals are Phone Name Mismatch and LinkedIn Validation.
Can a deepfake interview be detected?
Real-time deepfakes are increasingly convincing and the gap closes every quarter. The strongest defense is to catch the fraud before the video interview - at the application stage - using signals the operator can't easily fake: phone carrier registration, LinkedIn graph membership, email provenance, resume-JD alignment. SquarePeg runs all 11 signals before any video call gets scheduled.
Is remote hiring fraud actually growing?
Yes. FBI advisories, multiple publicly reported cases at major US companies, and SquarePeg's own data all point the same direction: 14% of remote technical applicants exhibit at least one strong fraud signal, and remote roles get 3x more fraudulent applications than in-office roles. The fraud is organized, well-funded, and harder to spot manually as deepfake video and GPT-generated resumes improve.
What should I do if I find a fraudulent applicant?
Drop them from the pipeline before extending any offer or shipping hardware. If you suspect state-actor fraud, the FBI requests reports through the IC3 portal at ic3.gov. SquarePeg's flags include written explanations and the underlying signal data, which makes documenting a report straightforward.
Does SquarePeg replace background checks like Checkr or Sterling?
No. The two are complementary. SquarePeg catches fraud at the application stage, before the first phone screen. Background checks verify identity at the offer stage, after weeks of investment. SquarePeg flags fraud early so most of it never reaches the background check. Both layers together are stronger than either alone.

Catch remote engineering fraud before the first interview

11 fraud signals. Glass-box scoring. Works on 95+ ATSes via Chrome extension.

Start free with 2,000 credits · 5-minute setup · 95+ ATSes supported