The Hidden Threat: How Fake Identities Used By Remote Employees Put Your Business At Risk—And How To Defend Against This

What information should you know?

In general, the scheme involves the use of deceptive tactics, including stolen identities and remote access technology tools, to secure IT employee or contractor positions within US-based employers. The allure of high pay for these roles, coupled with a comparatively low risk of detection, makes this scheme particularly enticing for DPRK operatives.

The US Department of Justice announced in a recent court-approved seizure action:¹

What can you do with this information?

We recommend that companies mitigate this risk by using a risk-based approach to:

We invite you to reach out to continue the conversation on how to most effectively detect, prevent, and correct this or other types of fraud, cybercrime, misconduct, and non-compliance.

^{1 https://www.justice.gov/opa/pr/justice-department-announces-court-authorized-action-disrupt-illicit-revenue-generation}

Contact

Kristofer Swanson, CPA/CFF, CFE, CAMS

Vice President and Practice Leader, Forensic Services

+1-312-619-3313 | [email protected]

Patricia Peláez, CPA/CFF, CFE, CPC, CAMS, CMS

Vice President, Forensic Services

+1-416-323-5574 | [email protected]

CRA’s Forensic Services Practice – including our digital forensics, eDiscovery, and cyber incident response lab – is certified under ISO 27001:2022 standards. The Practice has been recognized by National Law Journal, Global Investigations Review, and ranked by Chambers. CRA’s clients over the past two years included 97% of the AmLaw 100 law firms, and 82% of the Fortune 100 companies.