Financial Crime World

FBI Warns of North Korean IT Workers’ Fraudulent Transactions Detection in Democratic People’s Republic of Korea

The Federal Bureau of Investigation (FBI) has issued a recent alert warning US businesses and individuals about a growing threat posed by Information Technology (IT) workers from the Democratic People’s Republic of Korea (North Korea). The regime is allegedly evading sanctions by targeting private companies to illicitly generate revenue.

North Korean IT Workers’ Techniques

To conceal their identities, North Korean IT workers use various techniques, including:

  • Recruiting unwitting US-based individuals to gain fraudulent employment and access to company networks
  • Setting up internet connections, infrastructure, financial accounts, job search site profiles, and virtual interviews through US-based facilitators
  • Installing remote access software on devices sent by companies, violating US and UN sanctions and compromising the security of targeted companies

Facilitators’ Services

The FBI has identified several services provided by US-based facilitators to North Korean IT workers:

  • Setting up internet connections
  • Infrastructure setup
  • Financial account management
  • Job search site profiles
  • Virtual interviews
  • Receiving shares of proceeds earned through employment schemes

Protecting Yourself from Fraudulent Activities

To protect yourself from these fraudulent activities, the FBI recommends implementing identity verification processes during hiring and onboarding, monitoring network traffic for unusual remote connections, verifying identification information at E-Verify.gov, and remaining cautious regarding job offers involving package receipt or virtual positions.

Reporting Suspicious Activity

If you suspect that your business has been approached by a North Korean IT worker or fallen victim to a scheme:

  • Report immediately to the FBI’s Internet Crime Complaint Center (IC3)
  • Evaluate network activity from the suspected employee
  • Educate HR staff, hiring managers, and development teams about this threat

Global Alert

This issue is not limited to the US alone. The Republic of Korea and the Government of Japan have also alerted the public regarding North Korean IT workers. In 2022 and 2023, the US, along with foreign partners, issued public advisories describing how these workers operate and providing red flag indicators for businesses to avoid hiring them.

Prevention is Key

By taking proactive measures to detect fraudulent transactions and educating yourself about this threat, individuals and businesses can help prevent these illegal activities from occurring. Stay informed, stay vigilant, and take action to protect your business from North Korean IT worker fraud.