13 Apr 2025 - AJ
Every so often, I come across something that is and isn’t a scam that just fascinates me but I just can’t seem to fit it into an article. In this case, it’s North Koreans faking their identity to get remote jobs.
While some things I encounter are definitely nation-state authorized (China, North Korea, and Russia being the primary instigators), this one is unusual because in its most benign form, it’s North Korea having its citizens work at jobs in other countries to funnel money back to North Korea. It is fraud because North Koreans are prohibited from being hired in most countries so they take on the identities - either stolen or willingly given - of another actual person. There are more malicious versions of this where malware is introduced or data exfiltrated (grabbed and sent out), but since this is a fairly new scam there isn’t a ton of data on it.
The perpetrators often use a tactic also used by more standard scammers, which is to communicate only by text and make themselves unavailable for audio or video conversations. If they are forced to be on video, they use AI deepfakes to hide their identity.
Sometimes they are good enough to pass verification - for example, KnowBe4 (a company that helps employers educate their employees on the dangers of clicking on phishing links) unknowingly hired a North Korean. They figured it out before any data was breached but not before accidentally hiring when the new employee immediately loaded malware, which was caught by their security system. Fortunately all the person had at that point was email access.
KnowBe4 did some lessons learned from the incident and now recommends all references be called or video chatted - they were already requiring phone and video interviews for their applicants - among other ways of catching these fake potential employees before they’re signed on. Other measures that various entities have implemented is to check all phone numbers to see if they’re genuinely a cellphone/landline and not Voice over Internet (VoIP), making interviewees wave their hands in front of their face as deepfake AI has trouble with managing that, and asking the potential employee to say something terrible about Kim Jong Un, which North Koreans would be obviously reluctant to do.