How does a "you interview for US company, we do the work" scam work?

33 points by marttilaine ↗ HN
Got this scam email about an opportunity to earn passive income by acting as the front for an employment fraud scheme.

How does the scammer benefit from this operation?

I can think of 2 ways:

- Personal / private data mining, but this seems quite work intensive for that purpose - Actually going through with the whole scam and disappearing after first salary payments come through

Any other ideas? Anyone have experience or insight about this?

---

Full email below:

"Hi <name>, I hope you’re doing well.

My name is <sender>, and I’ve been a software developer for over 7 years — mainly full stack, with a strong focus on frontend. I’m reaching out because I’m looking for someone to collaborate with, and I think you're the best one whom I'm looking for.

I used to partner with my friend Jim, and we worked really well together. Sadly, he was diagnosed with cancer about a month ago, and he advised me to find someone new to team up with. That’s why I wanted to talk to you.

Here’s the idea: I’ll handle sending proposals to companies, and you would take care of the interviews with recruiters. My English isn’t strong enough for U.S. interviews, so I’m looking for someone who is confident in English and also has strong technical knowledge. If we land a position, you’d receive a share of the monthly salary, while I would take care of the actual development work.

My initial suggestion is a 50/50 split of the salary after tax. For example, if a job pays $10K per month and taxes are 30% ($3K), the remaining $7K would be split evenly — $3.5K each.

I will manage all the proposals and keep you informed about interview schedules. If things work out and we join a team, I’ll handle the project development. Then you'll get profit every month without any work.

If this sounds interesting to you, please let me know — I’d really like the chance to work together.

Thank you, Best regards, <sender>"

22 comments

[ 3.3 ms ] story [ 43.2 ms ] thread
There's been an ongoing issue with North Korean state agents infiltrating SV companies, and this proposal helps them pass the interview process more easily.

There's multipronged benefit for them: Access to company infrastructure to potentially cause harm or ransom in the future, access to technology / intelligence, but also simply foreign currency.

Outsourcing your own job is quite a fraud business.

  Recently my friend was approached by a Telugu broker stating that he would pay 10k for a part time job ... My friend agreed to a tech stack and he was connected with one of his US clients and he started sharing his screen and gave him his entire sprint's work.

  There are thousands of such [Non-resident Indians] especially from Andhra, Telangana going to USA not learning anything about industry, these people have no coding knowledge, can't even explain their work properly to [3rd parties]. They [earn] 6 digit USD [and pay] these brokers some 40-50K Rupees [$6000] every month and outsourcing it to a jobless Indian. Brokers eat away most of the money and pay the end person around 10k [$100].

  The worst part, my friend said it would take around 40 hrs a month (2 hrs everyday) to complete this US client's sprint tasks (client works for a major [Multi-National Corp for] ~120k USD/year, while my friend gets 10k rupees/month [$100/mo].
https://www.reddit.com/r/developersIndia/comments/1chm6g4/nr... / https://archive.vn/DbK9x
You should update your CV accordingly: "Likely to pass several technical interviews (as assessed by the North Korean Reconnaissance General Bureau)."
Maybe they just want access to the specific companies? Like, you get hired by the company. You hand over username/password/vpn-info to them. Then they have a way inside the company and can try to steal information, install backdoors, whatever, with very low risk of getting caught.
I literally just got this email as well
hmm, my ex-manager would probably appreciate these guys over me because I bet they never point out when someone is an idiot.
There are generally 2 angles to it:

* malicious: hostile actors want to gain footholds into companies - North Korea, etc

* benign: people in lower income countries want to do the job and can make good profit even when giving half the salary to you.

For the second option, some are scams and only want to pocket a month or two of salary without delivering before the company fires them. Others actually deliver and can keep the arrangement going long-term.

You’ll pass the sniff test, they don’t.

Be careful they might try and use your identity to then commit more fraud.

You will get interviews from fake companies these same guys organised in the same manner, then you get paid, send them their half, and then it will turn out that those companies were fakes and pay came from accounts fed by stolen corporate CC numbers, and you will go to jail because everything was done from your name.
I got this offer once but they wanted 80%, which won’t even cover taxes. They wanted the money first so, which was shady, like what guarantee would anyone have they would get anything. Plus they would need all of someone’s personal info.
Basically you're lending your name and identity as a front for someone with malicious intentions.

There are a few different angles to this. Other people have already mentioned the North Korean state-sponsored espionage, but honestly I think this is a small minority of this market.

The other two big ones are visa fraud and employment fraud. With the first one, you have a developer, possibly even skilled in a low-wage overseas company (say Thailand) that wants to make American wages. If he applies as who he actually is, he makes Thai wages, which can be as low as $10K/year. If he uses your identity to apply, he makes American wages, say $200K+/year. He can split that with you and make 10x what he would otherwise, while you get $100K/year for doing nothing (assuming he's honest enough to pay out, which is not a guarantee. There's no honor in thieves).

With the second, they use his interview skills and your identity to get the job, and then do nothing except get other jobs. It's remarkably hard to fire a U.S. employee without risks of lawsuits. If the employer does seem to catch on, he has a lawyer and a psychiatrist on the payroll too. The psychiatrist produces a doctor's note that you are disabled, the lawyer threatens to sue if you are fired. "You" go on disability, where you can stay for up to a year and they can't fire you. Collect the salary, move on after the year. In the meantime, "you" (or the organization using your identity) has done the same thing to hundreds of other corporations. I personally know 2 managers that have been victimized by this scam.

In all 3 cases, you're not the direct victim of the scam. They're using your identity as a shield to legitimize the scam. When it's discovered, it's you who suffer the reputational risk and/or criminal charges.

I think the most wrong thing about this is the disability thing.

In the US, you don't just get paid for disability. No. The closest thing is FMLA, which:

- is unpaid - only granted after 1 year of work, and - does not guarantee your position

>It's remarkably hard to fire a U.S. employee without risks of lawsuits.

This is absolutely not true. The amount of remote tech jobs with right to work protection is so close to zero to be a rounding error.

You can sue anyone/company at any time for any reason for like a $20-75$ filing fee. The case will be dismissed if it has no merit but there is no way to stop the filing aka "suing" which is why legal departments exist.

Government jobs are basically it and are again so rarely remote to make it non existent.

I suspect that the reason people think this is that so many companies are brazenly breaking laws that when they fire someone it is easy to sue them.

You're saying a psychiatrist in the U.S. would put their license to practice at stake and write fake disability notes? This would also continuous documentation as long-term disability would be through the company's provider, who don't operate in an easy peasy 1 letter and you're good system, they require a ton of paperwork up front and continuous supporting paperwork for a valid medical claim that can be supported by patient evidence. They even have their own doctors on staff verifying these claims. Those insurance companies are itching to find a reason to stop covering someone / deny long-term payments.
Just playing devils advocate but don’t companies already do this to their customers, silently outsource to another company or contractor? What’s the difference here if people do this but still make sure that the work is done properly?
Corporates provide insurance and some liability protection and usually have contractual agreements.

For individuals, The threat of criminal convictions only works in very limited circumstances, and is limited to people within the same jurisdiction as the buyer.

Its a nice little window into low trust societies and what you get when you outsource and decide there is no difference in cultures about honesty and work ethics. This "applicant" will $ublet himself out of that equation once the situation has stabilized.
Founder of Endorsed here. We help employers block situations like these where job seekers are collaborating with the scammers.

As other have pointed out, there are multiple types of scammers here.

The most benign are people who just want US salaries. The most malicious is North Korea who will go as far as installing ransomware and infiltrating financial institutions (especially crypto) to steal user money.

We know North Korea is much of the problem since the FBI gets involved in the malicious cases that I described and they publish reports. It’s hard to tell though because companies want to keep news they are infiltrated as quiet as possible.

I’m not sure which type of fraudster sent you this email other than the rate they are saying they will pay (50%) is exceptionally high. We know the North Koreans pay 10% for using your identity for ID verification etc, and 20% if you are the front man.

Nostrademons wrote a great comment about how they can use your identity here in problematic ways. I’m not sure how much this has happened since I have yet to hear about it in private stories from employers, who tend to be pretty candid. From what I can tell the fraudsters want to stay under the radar and be employed as long as possible. A lot are great engineers so they pull it off.

That said, rarely do people want to talk about this topic who are involved so it’s hard to tell what fully happens in each scenario.

(comment deleted)
I believe it works like this: it’s criminal fraud, and you’re the patsy