Comment by nucleardog

Comment by nucleardog 17 hours ago

Inform what companies directly? If it's this pervasive, that's not going to be effective.

I work at a small (~30 person) SaaS company. We interviewed what I took to be a case of this the other day (all the classic signs). Nobody would be keeping an eye on our hires or letting us know about this.

And in the process of confirming that this was fishy, I contacted one of the past employers he claimed after doing my best to confirm _they_ weren't in any way part of the scam. They confirmed he had never worked there. I sent them his LinkedIn and portfolio site in case they wanted to chase down getting their name removed.

They told me that this was super concerning because the screenshots in his portfolio of the app he worked on for them were real screenshots... for an unreleased app that was only available internally and had never even been demoed for clients.

They'd already been breached and had god knows what exfiltrated. They found out because we caught an attempt to get hired at _our_ company and let them know.

Nobody outside of a couple of technical staff at our company had even _heard_ of this. Nobody at the other company had. The fix, to me, seems to be making people involved in hiring more aware of this. If anything, it seems we should be talking about this _more_ and _more publicly_.

alganet 16 hours ago

Is your company involved in infrastructural or emerging tech in any way?

Forgive my frankness, but these worries about infiltrators have priority in important, large companies. I am very sure agencies responsible for this can contact these handful of important companies directly.

So, you're right. In the current age we live in, no one cares about your small SaaS company, and you're being used to spread unecessary paranoia and fear.

Reply View 11 replies

nucleardog 12 hours ago

Other company was, indeed, AI Startup #528532.
We're in a niche, extremely boring industry. We have an extremely small client base. We do line-of-business/sales management applications for something akin to like... light switches and light fixtures. The most exclusive thing we have access to is wholesale pricing from manufacturers. We don't handle payments. The extent of PII we handle is "name and email" from when someone emails out a quote.
We are the epitome of uninteresting to a foreign actor. Being "uninteresting" apparently does not disqualify you.
We also do not hire overseas (the applicant claimed to be from California) and offer a good US wage. We weren't targeted or vulnerable because we were being "greedy".

Reply View | 4 replies
- alganet 4 hours ago
  
  You do hire remote workers, don't you?
  If you had to hire workers in office, would you have space and infrastructure for all of them?
  From my perspective, this would solve the issue. Unless you're worried about in-person north korea spies.
  I don't know man, seems like you're living in some cold war mind trap or something.
  
  Reply View | 0 replies
- xarope 5 hours ago
  
  Isn't this the best way to start an infiltration, though? Like hiring a janitor or cleaner, who is able to access the office during off hours, and can start planting false information, which is then used by a more relevant company years later?
  
  Reply View | 1 reply
  
  alganet 4 hours ago
  
  If you start thinking like this, then no one will ever feel safe.
  I think this kind of idea is stupid.
  
  Reply View | 0 replies
- bn-l 11 hours ago
  
  30 people. Damn. I suppose they must be casting a massive net. Pretty concerning.
  
  Reply View | 0 replies
jjmarr 16 hours ago

North Korea has a shortage of foreign currency.
It's not just espionage. They need US dollars to pay for smugglers.

Reply View | 5 replies
- alganet 16 hours ago
  
  Greed meets greed. Companies hiring cheap labor, being exploited in several fronts.
  It was a decision for several companies to spread thin their offshore hiring. They practically invited infiltrators in.
  Keep focused. Small companies never mattered for nations, they are irrelevant. Spreading paranoia will not solve their over-reliance on this exploited offshore problem. It will likely lead them to bankrupcy.
  Ultimately, it doesn't invalidate what I said. It actually makes my comment more relevant.
  
  Reply View | 4 replies
  
  cyberax 11 hours ago
  
  > It was a decision for several companies to spread thin their offshore hiring. They practically invited infiltrators in.
  It's not offshore. Infiltrators are pretending that they're in the US. I first saw this 2 years ago, and they were pretty clumsy back then: always blurred background (and refusing to unblur it) and/or doing calls from a windowless office. You could even see their eyes moving, like they're reading the script.
  This year they became much fancier. They use backgrounds with the real time-of-day and weather illumination. The eyes no longer move unnaturally, etc.
  
  Reply View | 3 replies

cyberax 11 hours ago

> I work at a small (~30 person) SaaS company. We interviewed what I took to be a case of this the other day (all the classic signs). Nobody would be keeping an eye on our hires or letting us know about this.

I'm in a similar situation. The HR leads company is trying to filter out the fakes, but they can't catch everyone.

Apparently, the infiltrators specifically target the companies in the 10-50 people range. In smaller companies everybody knows what everybody else is doing, so infiltrators will be swiftly uncovered. And larger companies typically have a well-established HR department that will catch obvious fakes without good cover.

But these mid-range companies provide the best chance for the fakes to get at least a couple of paychecks before being uncovered. And they likely won't bother with going to the FBI to chase down the payments.

Reply View 6 replies

Barbing 3 hours ago

[Background: We both know companies should (must?) inform the feds if they accidentally (illegally?) hire someone as a part of fraud perpetrated against them.]
>And they likely won't bother
Thank you for your insight. Unfortunate! The rationale makes sense—the temptation to sweep under the rug—but doesn’t make it right, which as established we both know.
…you can perhaps tell I was frustrated with what seemed to be an argument against actually taking this course of action; hope replying here is better than arguing directly downthread esp. in case I misunderstood something

Reply View | 0 replies
alganet 10 hours ago

Why shouldn't they go to the FBI?
I strongly recommend going to official authorities if you believe you're being duped by a foreign nation spy or conspirator.
If they ignore you, it's more likely that you're not that important, like I said previously.

Reply View | 4 replies
- cyberax 9 hours ago
  
  > Why shouldn't they go to the FBI?
  I'm not saying "shouldn't". It's more likely "don't bother".
  Interacting with the law enforcement takes time executives' time, it might bring in complications (legal liability for personal data leaks, etc.), and even in the best case the company is not going to get their money back.
  
  Reply View | 3 replies
  
  alganet 9 hours ago
  
  So, it's a big problem that everyone should know about but do nothing except post shit on news?
  No, you should bother. You should bother a lot. Get in contact with the FBI, make a huge deal about it. You think one company can handle a spy agency? That's bad advice.
  
  Reply View | 2 replies