
The one interview question that will protect you from North Korean fake workers

(2025/04/29)


RSAC Concerned a new recruit might be a North Korean stooge out to steal intellectual property and then hit an org with malware? There is an answer, for the moment at least.

According to Adam Meyers, CrowdStrike's senior veep in the counter adversary division, North Korean infiltrators are bagging roles worldwide throughout the year. Thousands are said to have [1]infiltrated the Fortune 500.

They're masking IPs, exporting laptop farms to America so they can connect into those machines and appear to be working from the USA, and they are using AI – but there's a question during job interviews that never fails to catch them out and forces them to drop out of the recruitment process.


"My favorite interview question, because we've interviewed quite a few of these folks, is something to the effect of 'How fat is Kim Jong Un?' They terminate the call instantly, because it's not worth it to say something negative about that," he [3]told a panel session at the [4]RSA Conference in San Francisco Monday.


Meyers explained the North Koreans will use generative AI to develop bulk batches of LinkedIn profiles and applications for remote work jobs that appeal to Western companies. During an interview, multiple teams will work on the technical challenges that are part of the interview while the "front man" handles the physical side of the interview, although sometimes rather ineptly.

"One of the things that we've noted is that you'll have a person in Poland applying with a very complicated name," he recounted, "and then when you get them on Zoom calls it's a military age male Asian who can't pronounce it." But it works enough that quite a few score the job and millions of dollars are being funneled back to North Korea via this route.


Once placed in the coveted role, such workers are usually very successful in the company, since they have multiple people working on one job to produce the best work possible - with the hope of getting a promotion and more access to the business' systems - explained panelist FBI Special Agent Elizabeth Pelker.

"I think more often than not, I get the comment of 'Oh, but Johnny is our best performer. Do we actually need to fire him?'" she said.

The aims of [8]these phony workers are two-fold, she explained. Firstly, they earn a wage and use their access to steal intellectual property from the victim. This is usually exfiltrated in tiny chunks so as to not trigger security systems.


One mitigation strategy, she said, is to insist that any interviewee performs coding tests inside the corporate environment. That way interviewers can check the IP address the candidate is actually connecting from, watch how often the prospect switches between screens, and pick up other clues that all is not as it seems.
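What a review of such an in-environment coding test can look like when it is automated, as an added example that is not from the article or from any of the panelists' organisations. It assumes a proctoring log in a constructed line format (timestamp, candidate id, remote IP, event), a constructed IP-prefix table standing in for a real geolocation and VPN-provider database, and a hypothetical threshold for window switching; it flags an origin country that contradicts the candidate's claim, a connection from a hosting range, and a burst of focus-loss events.

```python
"""Review a proctored coding-test session for the signals the panel describes:
where the candidate really connects from and how often they leave the test window.
The prefix table, the log lines and the threshold are constructed assumptions,
not a real geolocation database or any vendor's product."""
import ipaddress
from collections import Counter
from datetime import datetime

# Constructed stand-in for a geolocation / VPN lookup. A production check would
# query a maintained database; these prefixes and labels are illustrative only.
PREFIX_TABLE = [
    (ipaddress.ip_network("203.0.113.0/24"), "PL", "residential"),
    (ipaddress.ip_network("198.51.100.0/24"), "US", "residential"),
    (ipaddress.ip_network("192.0.2.0/24"), "US", "hosting"),  # datacenter / VPN exit
]

# Constructed proctoring log: candidate claims to be in Poland.
SAMPLE_LOG = [
    "2025-04-28T14:00:00 cand-042 192.0.2.5 session_start",
    "2025-04-28T14:01:10 cand-042 192.0.2.5 window_blur",
    "2025-04-28T14:02:30 cand-042 192.0.2.5 window_blur",
    "2025-04-28T14:03:05 cand-042 192.0.2.5 window_blur",
    "2025-04-28T14:04:40 cand-042 192.0.2.5 window_blur",
    "2025-04-28T14:06:00 cand-042 192.0.2.5 window_blur",
    "2025-04-28T14:07:15 cand-042 192.0.2.5 window_blur",
    "2025-04-28T14:08:50 cand-042 192.0.2.5 window_blur",
    "2025-04-28T14:20:00 cand-042 198.51.100.7 submit",
]

# Constructed log of an unremarkable session from the claimed country.
CLEAN_LOG = [
    "2025-04-28T09:00:00 cand-007 203.0.113.9 session_start",
    "2025-04-28T09:12:00 cand-007 203.0.113.9 window_blur",
    "2025-04-28T09:31:00 cand-007 203.0.113.9 window_blur",
    "2025-04-28T09:55:00 cand-007 203.0.113.9 submit",
]


def lookup_ip(ip_str):
    """Return (country, kind) for an address, or (None, None) if it is not in the table."""
    ip = ipaddress.ip_address(ip_str)
    for net, country, kind in PREFIX_TABLE:
        if ip in net:
            return country, kind
    return None, None


def parse_event(line):
    """Parse one log line of the constructed form 'ISO-timestamp candidate ip event'."""
    ts, candidate, ip, event = line.split()
    return datetime.fromisoformat(ts), candidate, ip, event


def max_events_in_window(timestamps, window_seconds):
    """Largest number of timestamps that fall inside any window of the given length."""
    timestamps = sorted(timestamps)
    best = start = 0
    for end, ts in enumerate(timestamps):
        while (ts - timestamps[start]).total_seconds() > window_seconds:
            start += 1
        best = max(best, end - start + 1)
    return best


def review_session(lines, claimed_country, max_blurs_per_10min=6):
    """Return a list of human-readable findings for one candidate's session.

    An empty list means nothing in the log contradicts the candidate's story;
    it is a prompt for a human reviewer, not a verdict."""
    events = [parse_event(line) for line in lines]
    findings = []

    # 1. Every address the candidate connected from, against the claimed location.
    for ip in Counter(ip for _, _, ip, _ in events):
        country, kind = lookup_ip(ip)
        if country is None:
            findings.append(f"{ip} has unknown origin")
        elif country != claimed_country:
            findings.append(f"{ip} resolves to {country}, candidate claims {claimed_country}")
        if kind == "hosting":
            findings.append(f"{ip} is a hosting/VPN range")

    # 2. How often the test window lost focus, i.e. the candidate switched screens.
    blurs = [ts for ts, _, _, event in events if event == "window_blur"]
    peak = max_events_in_window(blurs, 10 * 60)
    if peak > max_blurs_per_10min:
        findings.append(f"{peak} window_blur events within 10 minutes")
    return findings


if __name__ == "__main__":
    for finding in review_session(SAMPLE_LOG, "PL"):
        print("FLAG:", finding)
```

The threshold and the prefix table are the parts a real deployment replaces: the former with whatever baseline honest candidates produce on your own platform, the latter with a maintained geolocation and hosting-provider feed. The point of keeping the findings as plain strings is that they go to the interviewer for a follow-up question, not to an automatic rejection.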

If the interloper is exposed and fired, however, they will usually have already collected login details, planted unactivated malware, and will then attempt to extort the maximum they can from the victim. She urged anyone who spots a fake employee to contact their local FBI field office immediately.

The Red Queen's race

But the attackers are getting smarter, and in some ways the FBI is a victim of its own success.

The agency has been distributing [10]advice to US companies but these memos are also being read in Pyongyang and the workers are adapting their tactics. This sometimes involves using both aware and unwitting accomplices.

For example, to get around the IP address problem, laptop farms are springing up all over America. If an applicant gets a job, the firm will usually send him a laptop, at which point the interviewee explains that they've moved or have a family emergency, so could they send it to a new address please?


This is most likely a laptop farm, where someone in the US agrees to run the laptop from a legitimate address for a fee, typically around $200 a computer, according to Meyers. Last year the FBI [18]busted one such operation in Nashville, Tennessee, and charged the operator with conspiracy to cause damage to protected computers, conspiracy to launder monetary instruments, conspiracy to commit wire fraud, intentional damage to protected computers, aggravated identity theft, and conspiracy to cause the unlawful employment of aliens.

Rather than creating identities, the North Korean workers have now taken to either stealing the ones they want, or fooling people into handing them over for a good cause. There's a growing business in Ukraine of convincing people to share their identity with third parties under the pretext of using them against Chinese agents who are propping up Russia.

"Unfortunately, because this is supporting North Koreans, the money then goes back through to filter through to North Korea regime," said Chris Horne, senior director at jobs site Upworthy. "Then, in turn, it goes to support the troops that come back in through Russia. So they're basically paying for their own demise in Ukraine right now."

We've also seen deepfake job interviewees that are [19]good enough to fool IT professionals, sometimes more than once. This technology is only improving and will get more and more convincing, Pelker warned.

The key to fixing this, the panelists agreed, was to educate everyone in the interview process – right down to the lowest staffer – and to be hyper-vigilant for warning signs. If possible, they said, one should have someone local swing around for a personal meeting, and maybe also avoid hiring fully remote employees. ®




[1] https://www.yahoo.com/news/thousands-north-korean-workers-infiltrated-110000417.html


[3] https://path.rsaconference.com/flow/rsac/us25/FullAgenda/page/catalog/session/1728070288065001o6bO

[4] https://www.theregister.com/special_features/spotlight_on_rsac/


[8] https://cloud.google.com/blog/topics/threat-intelligence/dprk-it-workers-expanding-scope-scale


[10] https://www.ic3.gov/PSA/2025/PSA250123


[18] https://www.justice.gov/archives/opa/pr/justice-department-disrupts-north-korean-remote-it-worker-fraud-schemes-through-charges-and

[19] https://www.theregister.com/2025/02/11/it_worker_scam/




Natalie Gritpants Jr

How about once you want to hire a person, you interview them in person to hand over the laptop and security things. No need for them to come to head office, just use a trusted agent near them.

Or...

The Man Who Fell To Earth

Insist they come for an in-person interview at some point before extending the offer, even if they will be based half a planet away. Their total salary, including benefits, is going to cost you six figures per year. And you're unwilling to invest a couple of grand at that final interview stage as part of your due diligence? If you get screwed it's entirely your own fault & you should be canned.

Re: Or...

Doctor Syntax

"And you're unwilling to invest a couple of grand at that final interview stage as part of your due diligence?"

Who's the "you" in this. Obviously it should be the business but more likely the "you" wanting to perform due diligence as the recruiting manager doing the interviews is not necessarily the "you" who's the beancounter unwilling to invest in travel or the "you" who's the bum-on-seat counter requiring return to office.

Re: Or...

Snake

"the beancounter unwilling to invest in travel"

My highly educated guess is that it's that very same beancounter that caused the company to look to Poland and other 'outer' countries in the first place; read: lower pay. I very much doubt those very same beancounters would ever agree to spending one thin pence to guarantee the quality of their recruitment - it's not their problem, only that line on the balance sheet matters to these morons.

And why the world is going down the toilet, everything is reduced to money.

Re: Or...

RedGreen925

"I very much doubt those very same beancounters would ever agree to spending one thin pence to guarantee the quality of their recruitment - it's not their problem, only that line on the balance sheet matters to these morons."

Well then make it matter a reasonably long ten or twenty year prison sentence for everyone of them morons who do not do their due diligence should improve the failure rate. That includes the CEO who allowed the morons to continue such shady practices as well. That will get their attention and lead to some changes.

Re: Or...

Doctor Syntax

A) The Polish name might well be from a US citizen.

B) I'm not familiar with the IT industry in Poland but doubt that it would be "outer" in any other respect than it not being in the US.

C) If a job advert is placed globally then a response is as likely to come from Poland as elsewhere without specifically seeking out "outer" countries. OTOH it does, at the cost of the risk of finding a Nork, extend the talent pool.

I suppose a return to office policy does protect against this specific problem as well as protecting against finding the widest choice of talent.

Re: Poland

Snake

The IT industry in Poland is very strong; even the website of the company I work for was done in Poland, a "designer" here in America sold the idea to my boss (without my involvement until after I had to clean up the mess) who outsources all [her] programming to Poland contractors. I found out her 'dirty secret' after the site got hacked and I had to track down the full history - who was hosting it, where, how it was configured and how it was designed.

It's actually quite common, it seems, Poland is an up-and-coming outsourcing business country. Whilst they get paid good money by Polish standards, their pay is but a fraction of what U.S. programmers get paid and significantly less than the rest of the EU as well.

How fat is Kim Jong Un?

Anonymous Coward

Oh? Is he fat? I am sure he is just big boned.

In the more parochial parts† of the US the candidate could easily and plausibly plead ignorance. "What congressional district does he represent?"

How any organisation would trust anyone with its corporate jewels without physically interviewing the candidate and completing the referee and basic background checks is entirely beyond my comprehension.

Probably involves peanuts and the inevitable monkeys albeit North Korean monkeys - the fact that you are receiving champagne output from a beer outlay in this industry of all places must rate as miraculous as wine from water.

† which parts aren't? Answers on a rolling paper.

Re: How fat is Kim Jong Un?

Anonymous Coward

"How any organisation would trust anyone with its corporate jewels without physically interviewing the candidate"

If you can recruit from the whole of the USA and don't have to supply a desk at your office, that gives you more developer for your buck

Flying someone cross continent is expensive and you want to economize on employee costs. It is also a drain on candidates.

In short, for low level jobs, that can be done remotely, it doesn't pay to fly candidates around. Any "ideal" candidates within commuting distance will already have been hired.

It benefits both parties. People in "remote" areas have a choice of jobs without having to move around the country and companies have a wider choice of candidates.

It is up to the company to ensure that the selection process is done well.

Re: How fat is Kim Jong Un?

Rafael #872397

If you can recruit from the whole of the USA and don't have to supply a desk at your office, that gives you more developer for your buck

What about buying computers from a guy in a van in a parking lot?

Re: How fat is Kim Jong Un?

Eclectic Man

And to weed out the Chinese ones ask "Do you think that Xi Jin Ping looks like Winnie the Pooh?"

Re: How fat is Kim Jong Un?

snee

You could use the same tactic to weed out UK applicants: "How well is Keef doing as PM?"

Re: How fat is Kim Jong Un?

Caver_Dave

Would not work. We Brits would tell you outright - probably including a little Anglo-Saxon expletive or two. And more than two if we're not a supporter.

Re: How fat is Kim Jong Un?

graemep

Therefore anyone who says something nice about the PM is fake.

Re: How fat is Kim Jong Un?

Doctor Syntax

"as miraculous as wine from water."

AKA too good to be true but never realised by those whose credulity is only matched by their greed.

The one interview question that will protect you

Howard Sway

There is another one. How many Zetaflargs are required to polfroozle a qualpyklang? Apparently they just don't know this, even though it's common knowledge for the rest of us.

Re: The one interview question that will protect you

Ken G

This must be one of those trick questions where you know the answer is forty-two but can't explain why.

Hiring candidates who can't pronounce their own name?

Koffi1995

« "One of the things that we've noted is that you'll have a person in Poland applying with a very complicated name," he recounted, "and then when you get them on Zoom calls it's a military age male Asian who can't pronounce it." But it works enough that quite a few score the job and millions of dollars are being funneled back to North Korea via this route. »

So the person being interviewed can't pronounce their own name, how is that not an immediate red flag that ends the interview? These companies must be pretty desperate to fill the position to overlook things like that

Re: Hiring candidates who can't pronounce their own name?

Ken G

If you ask someone their name and they tell you something, you've got to assume that's how they pronounce it.

Many yanks have Irish names, both given and surnames but pronounce both incorrectly by Irish standards. I imagine the same is true for Polish names.

Re: Hiring candidates who can't pronounce their own name?

Koffi1995

They could also ask the applicants to pronounce the names of a few cities from the region they claim to be living in, someone who's supposedly Polish being unable to pronounce Polish cities or struggling with basic Polish words would indicate something's not right

goblinski

I've commented on this before - I'll comment again:

Why the assumption that the specific type of recruiters that would recruit in these specific conditions care that much about NOT recruiting a Nork spy ?

- A top notch company will have top notch recruiting practices, which would make such an infiltration impossible.

- A crappy company with crappy recruiting practices will be looking to piece meal deliver a crappy product. A "Champagne from the beer tap" employee, as described above, would be a bingo for them, and they'll dig their heads in the sand stories deep to be able to exploit such an opportunity. That the money is going to eventually work against their country and society would cause but a chuckle. Confronting them further will unleash a counter-barrage of whataboutism. At the end of the day, they'll claim they didn't know, and being the victim.

- A semi-crappy company with semi-crappy practices ? Whichever way the wind blows.

In all events, if the recruiting practices are wonky, they would have worn out the recruiters themselves enough to make them WANT this to happen and close their eyes each step of the way, or not caring altogether.

- A small top notch company that actually has to go through such practices ? Errr... Don't the Norks have enough money to have created, own, and run these from the beginning and from the top, in the first place ?

And I'm not even scratching the surface on recruiting agents that would do 90% of the prescreening fighting for a buck, then dumping the candidate to a lazy and/or incompetent manager as "This is the perfect one".

The key to fixing this

heyrick

...is that once a person is beyond the initial selection and a viable candidate:

1, insist upon an in-person interview at the business premises.

2, give them very restricted access to company systems in the beginning.

3, related to 2, include a honeypot to see if they go poking around where they shouldn't.

Maybe the FBI, rather than warning about Norks, ought to be asking some serious questions about what sort of company would employ a person sight unseen (no, a video call doesn't count) and send them company hardware (potentially to a completely different address) and give that employee unfettered access to company systems?

ought to be asking some serious questions about what sort of company would

Anonymous Coward

Wait, I know this one. The US Department of Government Efficiency!

Re: The key to fixing this

Doctor Syntax

I'm wondering if my daughter had an in-person interview given that the company is almost entirely remote working - she certainly hadn't seen the UK office then and I'm not sure whether she's seen it now or even if it exists. It would certainly be unacceptable to use anything other than company computers for the information she handles.

I'm sure we've all seen it.

Anonymous Coward

Someone gets hired by people who've never actually met him, mainly on what they see him promise in interviews. Quite soon they start to regret it, but how do you fire the president?

Re: I'm sure we've all seen it.

Excused Boots

"but how do you fire the president?"

Oh, oh, oh, I know this one; Congress has to....

Ah, yes, sorry, as you were....

What?

Ball boy

Employing people unseen and without sufficient background checking is asking for trouble. In the example given, it'd be easy enough to check: there'll be a Polish support group within reach who would almost certainly welcome a few corporate bucks in exchange for a quick chat in their native tongue with this 'valuable candidate'. Let's see how quickly a North Korean can pick up that particular lingo!

I'm assuming the glorious C-suites that fell foul of this 'hijacking' are the very same people who discover they have rich relatives in Nigeria who inexplicably die in car wrecks. Perhaps El Reg would be kind enough to list them: I've got a couple of bridges that I need to get rid of...

Doctor Syntax

Perhaps I should pass on some of the emails I get from people with impeccably Anglo-Saxon names offering all sorts of skills such as web-site development, mobile development, webapps etc. They arrive at the same address as the emails telling me Elon Musk says I shouldn't pay my electricity bill and always from gmail addresses.

Blame HR

Pete 2

> quite a few score the job and millions of dollars are being funneled back to North Korea via this route.

Which makes the employer directly in contravention of international sanctions on the country.

I don't get it

Anonymous Coward

For my current job, it involved a full background check, I had to show my passport, credit check, turn up to the office in person on day 1.

Who the fcuk just hires some random assclown on another continent?

Dumb Fratboy Stuff

martinusher

Quite apart from the obvious "Who's going to hire someone sight unseen to handle sensitive code or information?" question (because, let's face it, there are people dumb enough to do this out there) the obvious question is "Why are we taking this inane bit of propaganda seriously?". Many countries have lese majeste laws, some actively enforced (if you don't believe me, try it in Thailand...). But the implication is that the poor DPRK peasants are starving while Kim is living it up off the fat of the land, something that might well be true but hardly isolated to North Korea.

Just remember that we're paying the people who come up with this stuff. It's insultingly naive but, unfortunately, not untypical these days. It's like our entire government and its institutions have been taken over by a low grade tabloid that dabbles in titillation and rumor and has a target reading age of eight.

You could do the same if you wanted to screen out MAGA crazies

DS999

Ask them if the 2020 election was stolen, or if they think the orange makeup makes Trump look like a clown!
