While recent studies have exposed various vulnerabilities arising from data poisoning attacks in many web services, little is known about the vulnerability of online professional job platforms (e.g., LinkedIn and Indeed). In this work, for the first time, we demonstrate critical vulnerabilities in the common Human Resources (HR) task of matching job seekers and companies on online job platforms. Capitalizing on the unrestricted format and content of job seekers' resumes and the ease of creating accounts on job platforms, we demonstrate three attack scenarios: (1) a company promotion attack that increases the likelihood of target companies being recommended, (2) a company demotion attack that decreases the likelihood of target companies being recommended, and (3) a user promotion attack that increases the likelihood of certain users being matched to certain companies. To this end, we develop an end-to-end "fake resume" generation framework, titled FRANCIS, that induces systematic prediction errors via data poisoning. Our empirical evaluation on real-world datasets reveals that data poisoning attacks can markedly skew the results of matchmaking between job seekers and companies, regardless of the underlying model, with the vulnerability amplified in proportion to poisoning intensity. These findings suggest that the outputs of various services on job platforms can potentially be manipulated by malicious users.
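The abstract states that fake resumes injected by freely created accounts skew a matcher's output in proportion to poisoning intensity, whatever the underlying model. The following is an added example, not code from the paper or the FRANCIS framework: a toy k-nearest-neighbour resume-to-company matcher, a drift metric a platform could compute on held-out seeker profiles whenever a new batch of resumes is ingested, and a near-duplicate check on the batch itself. Every company name, skill list and resume below is constructed sample data, and the matcher is a deliberately simple stand-in for the unnamed models the paper evaluates.

```python
"""Added example (not from the paper): a toy k-NN resume-to-company matcher,
a recommendation-drift monitor, and a near-duplicate check on ingested
resumes.  All companies, skills and resumes are constructed sample data."""
from collections import Counter, defaultdict


def tokenize(text):
    """Bag-of-words skill set; a real system would use embeddings, but the
    effect of neighbour-vote poisoning is the same."""
    return set(text.lower().split())


def jaccard(a, b):
    """Set similarity in [0, 1]; two empty sets count as identical."""
    return len(a & b) / len(a | b) if (a or b) else 1.0


def recommend(query_text, resumes, k=3):
    """Recommend a company for a seeker by weighted vote over the k most
    similar historical resumes, each paired with the company it matched."""
    q = tokenize(query_text)
    scored = sorted(
        ((jaccard(q, tokenize(text)), company) for text, company in resumes),
        key=lambda sc: sc[0], reverse=True,
    )
    votes = Counter()
    for score, company in scored[:k]:
        votes[company] += score
    return votes.most_common(1)[0][0]


def recommendation_shift(queries, before, after, k=3):
    """Fraction of held-out queries whose top recommendation changes once a
    new batch of resumes is ingested: a monitoring signal, not a fix."""
    changed = sum(recommend(q, before, k) != recommend(q, after, k) for q in queries)
    return changed / len(queries)


def near_duplicate_clusters(texts, threshold=0.8):
    """Group resumes in an ingestion batch whose pairwise Jaccard similarity
    is >= threshold (union-find); large clusters from fresh accounts are a
    cheap trigger for manual review or rate limiting."""
    toks = [tokenize(t) for t in texts]
    parent = list(range(len(texts)))

    def find(i):
        while parent[i] != i:
            parent[i] = parent[parent[i]]
            i = parent[i]
        return i

    for i in range(len(texts)):
        for j in range(i + 1, len(texts)):
            if jaccard(toks[i], toks[j]) >= threshold:
                parent[find(i)] = find(j)
    groups = defaultdict(list)
    for i in range(len(texts)):
        groups[find(i)].append(i)
    return sorted((g for g in groups.values() if len(g) > 1), key=len, reverse=True)


# Constructed history: (resume skills, company the seeker matched with).
BASELINE = [
    ("python sql spark pandas", "DataCorp"),
    ("python machine learning pandas", "DataCorp"),
    ("javascript react node html", "WebWorks"),
    ("kubernetes aws terraform python", "AcmeCloud"),
    ("react css javascript", "WebWorks"),
]

# Constructed batch of new sign-ups: three identical resumes that copy the
# skill profile of data seekers but are all tied to a single company.
SUSPECT_BATCH = [("python pandas sql spark", "AcmeCloud")] * 3

# Held-out seeker profiles used only to monitor recommendation drift.
QUERIES = ["python pandas sql", "javascript react html"]


def run_demo():
    """Compare recommendations before and after ingesting the batch and
    report the duplicate clusters the batch contains."""
    after = BASELINE + SUSPECT_BATCH
    return {
        "before": [recommend(q, BASELINE) for q in QUERIES],
        "after": [recommend(q, after) for q in QUERIES],
        "drift": recommendation_shift(QUERIES, BASELINE, after),
        "duplicate_cluster_sizes": [len(c) for c in near_duplicate_clusters(
            [t for t, _ in SUSPECT_BATCH])],
    }


if __name__ == "__main__":
    print(run_demo())
```

With this data the first query flips from DataCorp to AcmeCloud after only three injected records, giving a drift of 0.5 on the two held-out profiles, while the duplicate check reports one cluster of size 3 and none in the baseline corpus. The two checks are complementary: drift says that something changed the model's behaviour, and the cluster check points at which ingested records caused it.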