Amazon Blocks Over 1,800 Job Applications from Suspected North Korean Agents
Amazon has reported blocking more than 1,800 job applications from suspected North Korean agents. Stephen Schmidt, Amazon's chief security officer, revealed this in a statement on LinkedIn. The individuals attempted to apply for remote IT roles using stolen or fake identities, with the goal of being hired, paid, and funneling wages back to North Korea's weapons programs.
This activity appears to be happening at scale across the industry, particularly in the United States. US and South Korean authorities have warned about Pyongyang operatives conducting online scams. Amazon has observed nearly a one-third increase in North Korean job applications in the past year.
Fraudsters often operate through "laptop farms"—US-based computers remotely controlled from outside the country. Screening of applications involves a combination of AI tools and human verification. These operatives typically hijack dormant LinkedIn accounts using leaked credentials to appear legitimate, but red flags include incorrectly formatted phone numbers and mismatched education histories.
In June 2025, the Department of Justice reported that 29 laptop farms were operating illegally across the US, using stolen or forged American identities, and indicted US brokers involved.
In July 2025, an Arizona woman was sentenced to more than eight years in prison for running such a laptop farm. Her operation helped North Korean IT workers secure remote jobs at over 300 US companies and generated over $17 million in illicit gains for her and Pyongyang.
