Beware: North Korean Job Scams Target British IT Firms – What You Need to Know

Urgent Warning for British Companies

British companies are being urged to conduct job interviews for IT workers via video or in person to prevent the risk of hiring fake North Korean employees. This advisory comes in light of a Google intelligence report indicating that the UK has become a prime target for deceptive IT worker schemes orchestrated by the Democratic People’s Republic of Korea.

The Scam Unfolded

Typically, these fraudulent workers are hired to work remotely, allowing them to evade detection while sending their earnings back to Kim Jong-un’s regime. A case uncovered last year revealed a single North Korean worker using at least 12 different identities across Europe and the US, particularly targeting the defense industry and government sectors.

New Tactics and Threats

The scam has evolved, with bogus IT professionals now threatening to leak sensitive data from companies after being terminated. According to John Hultquist, chief analyst at Google’s Threat Intelligence group, North Korea has shifted its focus to the UK due to increased scrutiny in the US, making the UK the center of their operations in Europe.

Facilitators at Work

These fake IT workers often collaborate with facilitators who maintain a physical presence in the host country, providing essential support like false passports and physical addresses for receiving equipment. They exploit companies that allow employees to use their own devices, making monitoring more challenging.

Combating the Threat

Hultquist emphasizes that conducting in-person or video interviews can significantly disrupt these North Korean tactics. He suggests that HR departments need to enhance their background checks and verify identities rigorously, as the scheme tends to fall apart when candidates are asked to appear on camera or come in for interviews.

Expert Insights

Sarah Kern, a North Korea expert at Secureworks, warns that the threat is more widespread than many firms realize. She advises that British companies should thoroughly verify candidates and educate their HR teams about these deceptive practices.

Signs of Deception

Some red flags to watch for include frequent changes in candidates' addresses and their preferred payment methods, such as opting for money exchange services over traditional bank accounts. The bogus IT professionals are often recruited through platforms like Upwork, Freelancer, and Telegram.

Conclusion

Kern notes that these candidates often avoid video interviews, as many are located in environments where multiple North Korean IT workers are concentrated, making it difficult to appear credible during video calls.