POTENTIAL MITIGATION MEASURES
For freelance work and payment platform companies
- Verify documents submitted as part of proposal reviews and contracting due-diligence procedures, such as independently verifying invoices and work agreements by contacting the listed clients using contact information given in business databases and not the contact information provided on the submitted documentation;
- Closely scrutinize identity verification documents submitted for forgery, potentially reaching out to local law enforcement for assistance. Reject low-quality images submitted to provide verification of identity;
- Verify the existence of any websites provided to establish accounts; enhance scrutiny for any accounts that have utilized defunct websites to establish the accounts;
- As part of initial due diligence contracting processes and refresh policies, require submission of a video verifying identity or conduct a video interview to verify identity;
- Regularly use port checking capabilities to determine if the platform is being accessed remotely via desktop sharing software or a VPN or VPS, particularly if usage of remote desktop sharing software or VPN services to access accounts is not standard practice;
- Automatically flag for additional review client and developer accounts that use the same or similar documentation to establish the accounts or that use the same digital payment service accounts;
- Automatically flag for additional review the use of the same or similar document templates for bidding and project communication across different developer accounts;
- Automatically flag for additional review multiple developer accounts receiving high ratings from a single client account in a short period, especially if similar or identical documentation was used to establish the accounts;
- Automatically flag for additional review developer accounts with high bidding rates as well as accounts with a low number of accepted project bids compared to the number of project bids. Additionally, flag accounts with a high number of project bids relative to number of account logins;
- Do not allow any activity in newly established accounts prior to full account verification;
- Provide extra scrutiny to newly established accounts; and
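The automatic flagging measures above (shared documentation or payment accounts, rating clusters from a single client, and bid-to-acceptance and bid-to-login ratios) can be combined into one review queue. The following is an added illustration, not part of the original advisory; the field names, thresholds, and sample records are assumptions, and exact hash matching only catches identical documents, not similar ones.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Thresholds and field names are assumptions; tune against platform baselines.
MIN_BIDS, MAX_ACCEPT_RATIO, MAX_BIDS_PER_LOGIN = 20, 0.05, 10
RATING_WINDOW, MIN_RATED_DEVS, HIGH_RATING = timedelta(days=7), 3, 5

def flag_accounts(accounts, ratings):
    """Return {account_id: sorted reasons} for accounts that need manual review."""
    flags = defaultdict(set)
    # Same onboarding document or payment account used by more than one account.
    for field in ("doc_hash", "payment_id"):
        groups = defaultdict(list)
        for a in accounts:
            groups[a[field]].append(a["id"])
        for ids in groups.values():
            if len(ids) > 1:
                for i in ids:
                    flags[i].add("shared_" + field)
    # Developers with few accepted bids, or many bids per login.
    for a in accounts:
        if a["role"] == "developer" and a["bids"] >= MIN_BIDS:
            if a["accepted"] / a["bids"] <= MAX_ACCEPT_RATIO:
                flags[a["id"]].add("low_acceptance_ratio")
            if a["bids"] / max(a["logins"], 1) >= MAX_BIDS_PER_LOGIN:
                flags[a["id"]].add("bids_exceed_logins")
    # One client rating several developers highly inside a short window.
    by_client = defaultdict(list)
    for r in ratings:
        if r["score"] >= HIGH_RATING:
            by_client[r["client"]].append((r["when"], r["developer"]))
    for client, events in by_client.items():
        for start, _ in events:
            devs = {d for t, d in events if start <= t <= start + RATING_WINDOW}
            if len(devs) >= MIN_RATED_DEVS:
                for i in devs | {client}:
                    flags[i].add("rating_cluster")
    return {k: sorted(v) for k, v in flags.items()}

# Constructed sample data, not taken from any real platform.
T0 = datetime(2024, 1, 1)
ACCOUNTS = [
    {"id": "dev1", "role": "developer", "doc_hash": "h1", "payment_id": "p1", "bids": 200, "accepted": 2, "logins": 5},
    {"id": "dev2", "role": "developer", "doc_hash": "h1", "payment_id": "p2", "bids": 40, "accepted": 10, "logins": 30},
    {"id": "dev3", "role": "developer", "doc_hash": "h3", "payment_id": "p3", "bids": 30, "accepted": 9, "logins": 25},
    {"id": "cli1", "role": "client", "doc_hash": "h4", "payment_id": "p2", "bids": 0, "accepted": 0, "logins": 12},
]
RATINGS = [{"client": "cli1", "developer": d, "score": 5, "when": T0 + timedelta(days=n)}
           for n, d in enumerate(["dev1", "dev2", "dev3"])]
```

Calling `flag_accounts(ACCOUNTS, RATINGS)` returns the reasons per account, so a reviewer sees why each account was queued rather than a bare score.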
For companies hiring programmers and developers on freelance platforms
- Conduct video interviews to verify a potential freelance worker’s identity;
- Conduct a pre-employment background check, drug test, and fingerprint/biometric log-in to verify identity and claimed location. Avoid payments in virtual currency and require verification of banking information corresponding to other identifying documents;
- Use extra caution when interacting with freelance developers through remote collaboration applications, such as remote desktop applications. Consider disabling remote collaboration applications on any computer supplied to a freelance developer;
- Verify employment and higher education history directly with the listed companies and educational institutions, using contact information identified through a search engine or other business database, not directly obtained from the potential employee or from their profile;
- Check that the name spelling, nationality, claimed location, contact information, educational history, work history, and other details of a potential hire are consistent across the developer’s freelance platform profiles, social media profiles, external portfolio websites, payment platform accounts, and assessed location and hours of work. Be extra cautious of simple portfolio websites, social media profiles, or developer profiles;
- Be cautious of a developer requesting to communicate on a separate platform outside the original freelance platform website where a company initially found the IT worker;
- If sending to a developer documents or work-related equipment such as a laptop, only send to the address listed on the developer’s identification documents and obtain additional documentation if the developer requests that the laptop or other items be sent to an unfamiliar address. Be suspicious if a developer cannot receive items at the address on their identification documentation; and
- Be vigilant for unauthorized, small-scale transactions that may be fraudulently conducted by contracted IT workers. In one case, DPRK IT workers employed as developers by a U.S. company fraudulently charged the U.S. company’s payment account and stole over USD 50,000 in 30 small installments over a matter of months. The U.S. company was not aware the developers were North Korean or of the ongoing theft activity due to the slight amounts.