Your Fraud Team Is Leaking the Playbook — and LinkedIn Is the Attack Surface

Fraudsters aren’t only targeting customers anymore. They’re targeting fraud teams.

In this episode of Fraud Forward, Hailey Windham sits down with Jared Gruenberg to explain how fake LinkedIn companies are using Easy Apply and “pre-interview” screening emails to harvest operational intelligence; the exact tools, signals, and investigation workflows that fraud, AML, and compliance teams use to stop bad actors.

Jared shares the real-world pattern he found across multiple impersonated companies, including suspicious hiring volume, fake employee profiles, brand-new domains, and fast follow-ups that push candidates to answer detailed technical questions. The goal isn’t just personal data, it’s industry mapping. When attackers collect hundreds of answers from experienced candidates, they can tune their tactics, probe specific vendor controls, and even train themselves to pass recruiter screens.

Hailey and Jared also dig into why this works: LinkedIn’s trust factor, the low-friction nature of Easy Apply, and the human reality of burnout, layoffs, and career pressure that makes “two taps on your phone” feel worth it.

Topics covered:

• How fake LinkedIn companies use Easy Apply as an attack surface

• The signals that reveal impersonation and resume-harvesting rings

• Why fraud, AML, and compliance resumes are especially valuable

• How “technical screening” emails turn into playbook extraction

• What attackers can do with aggregated investigator responses

• Why burnout and layoffs increase vulnerability, even for experts

• Practical steps to protect fraud knowledge and share intelligence safely

🎙 Guest lineup:

Jared Gruenberg — Fraud investigator and author of “Your Fraud Team Is Leaking Your Defense Playbook Right Now”

Hailey Windham — Host of Fraud Forward & Community Banking Lead, Sardine

👉 Subscribe for more real-world fraud insights from the people closest to the risk.