Amazon Blocks 1,800 Job Applications Linked to Suspected North Korean Operatives
Amazon has prevented more than 1,800 job applications from individuals believed to be linked to North Korea, according to the company’s chief security officer.
Stephen Schmidt said the applicants attempted to secure remote IT roles using stolen or fabricated identities, with the aim of earning salaries that could be redirected to support the North Korean regime. Writing on LinkedIn, he warned that the activity is likely widespread across the technology sector, particularly in the United States.
Schmidt said Amazon recorded an almost 30% rise in suspected North Korean job applications over the past year. He explained that operatives often rely on so-called “laptop farms” – computers physically located in the US but controlled remotely from abroad – to appear as legitimate domestic workers.
The company uses a mix of automated screening tools, including artificial intelligence, alongside manual reviews by staff to vet applications, Schmidt said. He noted that the methods used by the applicants have grown more sophisticated, with fraudsters hijacking inactive LinkedIn accounts through leaked login details to obtain verification and appear credible to employers.
US and South Korean authorities have repeatedly warned about North Korean efforts to generate revenue through online employment fraud and cyber-enabled schemes. Schmidt urged companies to report suspicious applications and outlined warning signs for employers, such as inconsistencies in education records or improperly formatted phone numbers.
The comments follow recent law enforcement actions in the US. In June, the Department of Justice said it had uncovered 29 illegal laptop farms operating across the country, which used stolen or forged American identities to help North Korean IT workers obtain jobs. Several US-based intermediaries were charged for facilitating the scheme.
Last month, an Arizona woman was sentenced to more than eight years in prison for running a laptop farm that helped North Korean operatives gain remote roles at more than 300 US companies. Prosecutors said the operation generated over $17m in illicit income that benefited both the organisers and the North Korean state.
