Amazon has revealed that it blocked more than 1,800 job applications connected to suspected North Korean agents. The applications were mainly for remote IT roles and used stolen or fake identities to bypass hiring checks.
According to Amazon’s Chief Security Officer, Stephen Schmidt, these individuals aim to get hired by US companies, earn salaries, and secretly send the money back to North Korea. He warned that this issue is not limited to Amazon and is likely affecting many companies across the tech industry, especially in the United States.
Over the past year, Amazon noticed a sharp rise in such activity. Job applications believed to be linked to North Korea increased by nearly one third. Many of these applicants relied on false personal details and manipulated online profiles to appear legitimate.
One common tactic involves the use of so called laptop farms. These are computers physically located in the US but controlled remotely by workers outside the country. This setup helps foreign operatives appear as if they are based in America, which makes it easier to pass location checks during hiring.
To counter this threat, Amazon uses advanced AI tools along with human review teams to verify job applications. Despite these efforts, Schmidt said the fraud methods are becoming more advanced. Some bad actors hijack inactive LinkedIn accounts using leaked login details. They often copy the profiles of real software engineers to look more credible.
Amazon has urged other companies to stay alert and report suspicious applications to authorities. Warning signs include incorrect phone number formats, inconsistent education records, and mismatched work histories.
