Ah, North Korea—known for their love of missile launches, questionable haircuts, and apparently, sneaky IT workers! The FBI has flagged a new type of cyber threat: North Korean IT workers infiltrating U.S. businesses to fund the regime’s dark deeds. Let’s unravel this sneaky saga and equip your company with the knowledge to avoid falling into their cunning traps.
The Sneaky Playbook
North Korean IT workers have mastered the art of disguise, kind of like secret agents but without the cool gadgets. They use U.S.-based individuals (some clueless, some complicit) to land jobs at American companies. These unwitting (or witting) accomplices help them bypass controls meant to keep out unauthorized workers. Imagine sending a laptop to what you think is your new employee in New York, only to find out it’s being used by someone in Pyongyang!
Tricks of the Trade
These sly workers set up U.S.-based connections, create fake accounts on job sites, and even attend virtual meetings on behalf of the real North Korean agents. They might ask you to ship company laptops overseas or help them set up financial accounts. And guess what? Some of these U.S. facilitators even get a cut from this sneaky business—talk about a side hustle!
Shield Your Business: Tips & Tricks
So, how do you keep your business safe from these North Korean shenanigans? Here are some tips:
- Verify Everything: Double-check misspellings, cross-reference photos and contact info with social media profiles and other platforms.
- Background Checks: Confirm previous employment and education directly with institutions.
- Fingerprints & Drug Tests: If you smell something fishy (or can’t mandate in-person checks), ask for video calls with clear backgrounds. Get creative—ask them to point the camera out a window or wave their hand to weed out any AI trickery.
- Payment Vigilance: Compare employee payment accounts and flag those using similar documentation or those who frequently change banks.
- Secure Shipping: Only send work-related equipment to verified addresses. If they request a different address, demand more documentation.
- Educate Third-Party Vendors: If you outsource IT work, make sure your vendors are aware of these tactics.
Team Up with the FBI
Build a solid relationship with your FBI Private Sector Coordinator. They can assist with threat mitigation, and who doesn’t want the FBI on speed dial?
Sound the Alarm
If you suspect any funny business involving North Korean IT workers, report it to:
- Your local FBI Field Office: www.fbi.gov/contact-us/field-office
- FBI’s Internet Crime Complaint Center: www.ic3.gov
- FBI tip line: 1-800-CALL-FBI (225-5324)
Stay smart, stay safe, and keep those North Korean IT worker shenanigans at bay!
For the original article, check out: FBI Consumer Protection Update
Original article: https://www.ic3.gov/PSA/2025/PSA250723-4