Man
Professional
- Messages
- 3,222
- Reaction score
- 877
- Points
- 113
German intelligence services uncover an international network of IT fraudsters.
The Federal Office for the Protection of the Constitution of Germany (BfV) warned about fraudulent schemes of North Korean IT specialists working for foreign companies. According to the agency, many of them create fake profiles on freelance platforms and social networks such as LinkedIn, X, GitHub, Facebook, Telegram and Skype, in order to find work in the IT field, especially software development.
Usually, such specialists are presented as experienced professionals with a wide range of skills and extensive recommendations. Payment for their services is most often made through cryptocurrencies (Bitcoin, Ethereum) or digital payment systems (PayPal, Wise), which makes it difficult to track financial transactions. To hide their identity, they often use the accounts of intermediaries. In case of refusal of advance or bonus payments, fraudsters may behave aggressively and threaten to publish the company's source code.
Communication with North Korean "IT specialists" is conducted mainly through text messages, English is preferred, but Korean is also used. Face-to-face meetings or video interviews tend to be rejected, making identity verification difficult. Resumes are often inconsistent, with inconsistencies in personal information, work experience, education, and languages.
Profiles on social networks and information specified in the resume, as a rule, do not coincide, which causes suspicion among employers. In addition, it is common to find multiple profiles with the same names but different photos. The shipping addresses of equipment (e.g., laptops) may change continuously. Despite the high ratings of freelancers on the platforms, their required pay is low. In confirmed cases, such "specialists" installed malware immediately after receiving the equipment.
Companies cooperating with North Korean IT workers may face serious risks. First of all, their activities contribute to the financing of North Korea's nuclear program. In addition, this threatens reputational losses, violation of the sanctions regime and leaks of intellectual property and internal data of the company.
Recommended precautions include verifying identity during in-person or video interviews, verifying previous work experience, avoiding payments exclusively through cryptocurrencies, and restricting access to corporate information.
Source
The Federal Office for the Protection of the Constitution of Germany (BfV) warned about fraudulent schemes of North Korean IT specialists working for foreign companies. According to the agency, many of them create fake profiles on freelance platforms and social networks such as LinkedIn, X, GitHub, Facebook, Telegram and Skype, in order to find work in the IT field, especially software development.
Usually, such specialists are presented as experienced professionals with a wide range of skills and extensive recommendations. Payment for their services is most often made through cryptocurrencies (Bitcoin, Ethereum) or digital payment systems (PayPal, Wise), which makes it difficult to track financial transactions. To hide their identity, they often use the accounts of intermediaries. In case of refusal of advance or bonus payments, fraudsters may behave aggressively and threaten to publish the company's source code.
Communication with North Korean "IT specialists" is conducted mainly through text messages, English is preferred, but Korean is also used. Face-to-face meetings or video interviews tend to be rejected, making identity verification difficult. Resumes are often inconsistent, with inconsistencies in personal information, work experience, education, and languages.
Profiles on social networks and information specified in the resume, as a rule, do not coincide, which causes suspicion among employers. In addition, it is common to find multiple profiles with the same names but different photos. The shipping addresses of equipment (e.g., laptops) may change continuously. Despite the high ratings of freelancers on the platforms, their required pay is low. In confirmed cases, such "specialists" installed malware immediately after receiving the equipment.
Companies cooperating with North Korean IT workers may face serious risks. First of all, their activities contribute to the financing of North Korea's nuclear program. In addition, this threatens reputational losses, violation of the sanctions regime and leaks of intellectual property and internal data of the company.
Recommended precautions include verifying identity during in-person or video interviews, verifying previous work experience, avoiding payments exclusively through cryptocurrencies, and restricting access to corporate information.
Source
