Cybersecurity company KnowBe4 has issued a warning regarding a North Korean fake employee hiring scam, which the organisation recently experienced and successfully mitigated.
KnowBe4 recently released information about how a North Korean fake employee was accidentally hired and detected. The fake employee was quickly detected after they started to access the supplied laptop in unusual ways. Their onboarding access was shut down within 25 minutes of the first security alert. No illegal access was gained, and no data was lost, compromised, or exfiltrated on any KnowBe4 systems.
“There are common signs of this fake employee hiring scheme both during and after the hiring process,” said KnowBe4 CEO Stu Sjouwerman. “Every organisation should educate all employees involved in the hiring process about the risks and consider various mitigation tactics such as updating the organisation’s hiring process to include asking the candidate to submit fingerprints for identity verification purposes, threat model the organisation’s hiring process, and more. We were inspired to share our experience with this unfortunate situation to bring awareness to how pervasive this situation is and to use it as a warning to help protect other organisations from falling victim.”
KnowBe4’s new whitepaper details what the North Korean fake employee industry is like, shares many of the signs to look for, and discusses many ways organisations can update their hiring policies to prevent hiring fake employees.