Two Americans Helped North Korea Steal $5 Million — How the Fake IT Worker Scheme Worked

By

Two Americans Helped North Korea Steal $5 Million — How the Fake IT Worker Scheme Worked

You are currently viewing Two Americans Helped North Korea Steal $5 Million — How the Fake IT Worker Scheme Worked
A remote worker appears normal on screen, but cases like this show how scammers can hide behind real-looking identities and work from inside companies.

Two Americans helped North Korea run a fake remote worker scheme that stole $5 million. Here’s how it worked, how companies were fooled, and how to protect your personal data.

What Happened?

According to TechCrunch, two men from New Jersey were sentenced for helping North Korea place fake IT workers inside U.S. companies.

Kejia Wang and Zhenxing Wang set up fake companies and registered work laptops at U.S. addresses, allowing workers overseas to log in remotely. They also handled payments, helping move money earned from U.S. companies back to North Korea. 

These fake Korean IT workers were not real U.S. employees. They used stolen identities from more than 80 Americans to get hired.

The scheme ran for several years and brought in about $5 million for the North Korean government.

In some cases, the fake workers also gained access to company systems and sensitive data.

Both Americans received long prison sentences — one got 9 years, and the other got 7 and a half years.

How Did the Scheme Work?

This scam may sound complicated, but the idea is simple:

1. Korean workers used fake identities

The workers used stolen names and personal details.

They applied for remote tech jobs like any other candidate.

2. Americans helped them look real

The two American men handled payments and set everything up.

They made the workers appear like legitimate U.S. employees.

3. They hid the workers’ real location

Companies mailed work laptops to U.S. addresses, allowing workers overseas to log in using remote access tools to control the devices from abroad.

To employers, it looked like the worker was in the U.S., because the laptop itself was there. But the person using it was actually in another country.

4. Americans sent the money overseas

The workers got paid by real U.S. companies.

That money was then collected and sent back to North Korea.

Why Did American Companies Fall For It?

This scheme worked because nothing seemed unusual.

Remote work is now part of everyday business. Hiring someone who works from another state — or even another country — is normal.

These fake Korean workers did everything you would expect from a normal employee. They passed interviews, showed up online, and did the job.

From the outside, everything looked fine. That’s what made this so effective.

What Was the Real Goal?

This was not just about making money.

The goal was to send money back to North Korea.

U.S. officials say schemes like this help fund government programs, including weapons development.

There was also another risk.

Once these workers gained access to company systems, they could see sensitive information. Sometimes, they also took data or source code (the original code used to build a company’s website, app, or software).

Why This Matters to You

This case shows how cybercrime is changing.

It’s no longer just fake emails or scam texts.

Now, criminals can get hired inside companies. They can look like regular employees and work quietly from within.

What this means for you: Criminals do not always attack from the outside anymore. Sometimes they get access from inside a real company, which can put customer information and accounts at greater risk.

Person typing on a laptop with digital identity profiles, showing how fake remote workers can hide behind stolen identities
Scammers can use stolen identities and remote access to appear as legitimate employees, blending into companies while operating from abroad.

4 Steps You Can Take to Stay Safer

  1. Be careful with your personal information

Stolen names and details were key to this scheme. Don’t share sensitive information unless you’re sure who you’re dealing with.

Recent data shows identity theft is rising fast — in the U.S., someone becomes a victim every few seconds.

  1. Don’t trust someone just because they seem “official”

In this case, workers looked professional and got through the company’s hiring process — but they weren’t who they claimed to be.

The same idea applies in everyday life. A message, a caller, or even a “support agent” may sound real and convincing, but that doesn’t mean they are. Take a moment to verify before you trust or respond — go to the company’s official website or call them directly.

  1. Keep your accounts protected

Use strong passwords and turn on extra security like two-factor authentication when possible.

Email accounts are especially important to protect. They’re connected to your bank, shopping accounts, subscriptions, and more. If someone gets into your email, they can reset passwords for your other accounts and take control of them.

Futureproof Email Protection helps you set a strong email password and turn on 2-step verification with simple steps and a quick explainer video. Let’s make it harder for scammers to get into your account and steal your information. 

Small steps like these can help you avoid bigger problems later. 

Futureproof monitors your info for data leaks and helps you fix risks early. Get started to protect your information all year long. 

The Real Risk May Be Hidden Inside Companies You Trust

Remote work made life easier for regular workers — but also gave criminals new ways to get inside companies.

You may never meet the person you’re dealing with, so it’s harder to know who’s real.

Here’s what to keep in mind:

  • Don’t trust someone just because they sound professional
  • Be careful when someone asks for personal details or access
  • Always verify through official sources

Today, looking professional is not proof anymore, so always double-check who you are dealing with before you share information, send money, or give access.