How do you catch a DPRK actor you ask
Contents
How do you catch a DPRK actor you ask? Here are a few things to think about;
1. They love to use a VPN when applying for jobs. Check your HR system.
2. They love certain email schemas, including emails ending in "dev", "eng", "soft", using periods to separate names (e.g., http://luke.ford.dev, corly.devguru. They most commonly use gmail. They also have numbers at the end such as "benton.franklin.0710" "dev84".
3. They almost always use a virtual phone number (e.g., Goog Voice, Skype, etc.) during the application process. That said, recently there have been some that have leveraged a U.S. facilitator's number.
4. Their linkedin accounts are typically quite new (<3-6 months old). In some cases, they pay off people (or steal the accounts) to take over their old "seasoned" linkedin account. They often delete all of the user's old posts though.
5. They LOVE to have accounts on hackerrank, glassdoor, talent, upwork, replit, calendly etc …
1. They love to use a VPN when applying for jobs. Check your HR system.
2. They love certain email schemas, including emails ending in "dev", "eng", "soft", using periods to separate names (e.g., http://luke.ford.dev, corly.devguru. They most commonly use gmail. They also have numbers at the end such as "benton.franklin.0710" "dev84".
3. They almost always use a virtual phone number (e.g., Goog Voice, Skype, etc.) during the application process. That said, recently there have been some that have leveraged a U.S. facilitator's number.
4. Their linkedin accounts are typically quite new (<3-6 months old). In some cases, they pay off people (or steal the accounts) to take over their old "seasoned" linkedin account. They often delete all of the user's old posts though.
5. They LOVE to have accounts on hackerrank, glassdoor, talent, upwork, replit, calendly etc …