Amazon's AI Uncovers 1,800+ North Korean Job Scams Targeting Remote Tech Roles

Amazon's AI Uncovers 1,800+ North Korean Job Scams Targeting Remote Tech Roles

Amazon has blocked over 1,800 job applications from suspected North Korean agents since April 2024, according to Stephen Schmidt, the company's chief security officer. In a LinkedIn post, Schmidt revealed that these operatives have been increasingly targeting remote tech roles, particularly in AI and machine-learning, due to high demand in these fields.

Stephen Schmidt is Amazon's chief security officer.

Their objective is typically straightforward: get hired, get paid, and funnel wages back to fund the regime's weapons programs. To combat this, Amazon employs a combination of AI-powered screening and human verification. The AI model searches for connections to around 200 "high-risk institutions" and analyzes anomalies across applications, such as geographic inconsistencies and formatting quirks—like using "+1" instead of "1" for U.S. phone numbers.

Human reviewers then conduct background checks, verify credentials, and carry out interviews. Schmidt noted that fraudsters are becoming more calculated, often targeting real software engineers to gain credibility or taking over dormant LinkedIn accounts. Many operate through "laptop farms"—U.S.-based locations that maintain a domestic presence while workers operate remotely from abroad.

This isn't an isolated issue. Schmidt emphasized that this is likely happening at scale across the industry. In July, an Arizona woman was sentenced to 102 months in prison for assisting North Korean IT workers in securing remote jobs at over 300 U.S. companies, generating more than $17 million in illicit revenue. CrowdStrike's 2025 Threat Hunting Report identifies this as a growing threat, with Amazon detecting a 27% increase in North Korea-linked applications quarter over quarter this year.

The FBI recommends that businesses scrutinize identity verification documents, verify prior employment and education, and require in-person meetings to mitigate risks. As remote work expands, companies must bolster their security measures to protect against such sophisticated fraud schemes.