Amazon has revealed that it blocked more than 1,800 job applications tied to suspected North Korean operatives, exposing how global tech companies are quietly fighting a new kind of digital warfare — one fought with fake CVs, stolen identities, and remote laptops.
According to Amazon’s Chief Security Officer, Stephen Schmidt, the applicants were attempting to secure remote IT roles using forged or stolen identities. The endgame was simple and cold-blooded: get hired, get paid in dollars, and secretly funnel the money back to fund North Korea’s weapons and military programs.
This isn’t a one-off glitch in the system. Schmidt made it clear this is happening at scale across the tech industry, especially in the United States. Amazon alone has seen nearly a one-third increase in suspicious applications linked to North Korean actors over the past year — a sharp spike that set off internal alarms.
The scheme is more advanced than your average scam. These operatives reportedly work with collaborators running so-called “laptop farms” — physical computers located in the US but remotely controlled from abroad. This setup helps them bypass location checks and appear like legitimate American workers.
To counter this, Amazon deployed a mix of artificial intelligence tools and hands-on human verification to screen applications. Even so, Schmidt admitted the fraudsters are leveling up fast. Some are hijacking dormant LinkedIn accounts using leaked login details, masquerading as real, verified software engineers to gain credibility.
Amazon is now urging other employers to stay sharp and report suspicious applications to authorities. Red flags include poorly formatted phone numbers, inconsistent education histories, and details that don’t quite line up. In corporate terms: trust, but aggressively verify.
Governments are already moving. In June, US authorities uncovered 29 illegal laptop farms across the country connected to North Korean IT workers. The US Department of Justice also indicted American brokers who helped place these operatives in jobs. A month later, an Arizona woman was sentenced to over eight years in prison for running a massive laptop-farm operation that helped North Korean workers infiltrate more than 300 US companies.
That single scheme reportedly generated over $17 million in illicit funds — money the DOJ says benefited both the operator and the North Korean regime.
Bottom line: remote work is powerful, but it’s also a new battlefield. Amazon’s move shows that cybersecurity today isn’t just about firewalls and malware — it’s about who you’re hiring, where they’re really working from, and who ultimately gets paid. The digital border is real, and companies are learning the hard way that it needs guarding.