Large-Scale Hiring Fraud Uncovered

Amazon said it blocked more than 1,800 job applications tied to suspected operatives from North Korea, who attempted to obtain remote information technology roles. According to Amazon’s chief security officer Stephen Schmidt, applicants used stolen or fabricated identities to bypass hiring controls.

The company reported a near one-third rise in such applications over the past year, suggesting the activity is growing rather than episodic.

Fake Identities and Laptop Farms

Amazon said the applicants relied on increasingly sophisticated tactics, including hijacking inactive LinkedIn accounts to impersonate legitimate software engineers. Some operatives used “laptop farms”—US-based computers accessed remotely from abroad—to appear physically located inside the country during recruitment checks.

The firm combined AI-based screening tools with manual reviews by security staff but warned that identity fraud methods are becoming harder to detect.

Wider Security and Legal Context

U.S. authorities have previously uncovered 29 illegal laptop farms operating nationwide. Prosecutors say one Arizona-based scheme placed operatives inside over 300 US companies and generated more than $17 million in illicit revenue, with funds routed back to Pyongyang.

Officials warn that income from overseas IT work is used to support state programs, including weapons development, increasing pressure on companies to tighten remote hiring verification and sanctions compliance.