Even safety specialists could be fooled. In July 2024, Knowbe4, a Florida-based firm that provides safety coaching, found {that a} new rent generally known as “Kyle” was really a overseas agent. “He interviewed nice,” says Brian Jack, KnowBe4’s chief data safety officer. “He was on digicam, his résumé was proper, his background test cleared, his ID cleared verification. We didn’t have any purpose to suspect this wasn’t a legitimate candidate.” However when his facilitator—the US-based particular person giving him cowl—tried to put in malware on Kyle’s firm pc, the safety workforce caught on and shut him out.
Again in london, Simon Wijckmans couldn’t let go of the concept any person had tried to idiot him. He’d simply learn in regards to the Knowbe4 case, which deepened his suspicions. He performed background checks and found that a few of his candidates have been undoubtedly utilizing stolen identities. And, he discovered, a few of them have been linked to recognized North Korean operations. So Wijckmans determined to wage a bit of counter train of his personal, and he invited me to look at.
I dial in to Google Meet at 3 am Pacific time, drained and bleary. We intentionally picked this offensively early hour as a result of it’s 6 am in Miami, the place the candidate, “Harry,” claims to be.
Harry joins the decision, wanting fairly fresh-faced. He’s perhaps in his late twenties, with quick, straight, black hair. Every thing about him appears intentionally nonspecific: He wears a plain black crewneck sweater and speaks into an off-brand headset. “I simply awoke early at the moment for this interview, no downside,” he says. “I do know that working with UK hours is form of a requirement, so I can get my working hours to yours, so no downside with it.”
To this point, every little thing matches the hallmarks of a pretend employee. Harry’s digital background is likely one of the default choices supplied by Google Meet, and his connection is a contact gradual. His English is nice however closely accented, regardless that he tells us he was born in New York and grew up in Brooklyn. Wijckmans begins with some typical interview questions, and Harry retains glancing off to his proper as he responds. He talks about numerous coding languages and name-drops the frameworks he’s conversant in. Wijckmans begins asking some deeper technical questions. Harry pauses. He seems confused. “Can I rejoin the assembly?” he asks. “I’ve an issue with my microphone.” Wijckman nods, and Harry disappears.
A few minutes cross, and I begin to fret that we’ve scared him away, however then he pops again into the assembly. His connection isn’t a lot better, however his solutions are clearer. Possibly he restarted his chatbot, or bought a coworker to teach him. The decision runs a number of extra minutes and we are saying goodbye.
Our subsequent applicant calls himself “Nic.” On his résumé he’s bought a hyperlink to a private web site, however this man doesn’t look very similar to the profile picture on the location. That is his second interview with Wijckmans, and we’re sure that he’s faking it: He’s one of many candidates who failed the background test after his first name, though he doesn’t know that.
Nic’s English is worse than Harry’s: When he’s requested what time it’s, he tells us it’s “six and previous” earlier than correcting himself and saying “quarter to seven.” The place does he stay? “I’m in Ohio for now,” he beams, like a child who bought one thing proper in a pop quiz.