Fake Hires, Real Threats: When Background Checks Aren't Enough
Mabel Soe
BSidesSF 2025 — Here Be Dragons · Day 1 · Main
North Korean IT workers have been systematically infiltrating tech companies — including small startups — by constructing elaborate fake identities, passing background checks with stolen U.S. citizen credentials, and funneling salaries back to fund weapons programs. Mabel Soe drew on her experience at Clockwise to walk through real detection patterns, the hiring biases that let these candidates through, and a layered set of mitigations that teams can implement without waiting for a security budget approval. ---
AI review
Soe came with real incidents, real red flags from real candidates, and the institutional courage to say out loud that race and accent are not indicators. The Wellfound integration removal reducing fake candidate volume dramatically is the most operationally valuable single data point in the talk. Small companies think they're immune. They aren't.