AI 'fake applicant' case raises North Korea job scam fears

March 19 (Asia Today) -- A suspected deepfake job applicant infiltrated an online hiring interview at a Japanese IT company, raising concerns about possible links to North Korean schemes to secure overseas employment and generate foreign currency.

According to a report Thursday by Yomiuri Shimbun, the applicant used artificial intelligence to impersonate a real individual by altering facial features and personal credentials during a remote interview conducted earlier this month in Tokyo.

The man, who identified himself under a false name, claimed he had been raised in the United States and requested fully remote work. When told that in-person attendance was required, he ended the interview after about two minutes.

The applicant had submitted an English-language résumé through a Japanese recruitment platform, listing experience at a major company and claiming native-level Japanese proficiency. However, the recruiter later discovered that the profile and career details matched those of Kenbun Yoshii, the chief executive of a Tokyo-based IT firm.

Related

• U.S., South Korea conclude Freedom Shield drills amid North Korea tensions
• Gabbard tells Senate panel only Trump can determine imminent threats
• The structural truth revealed by North Korea's delayed election

Yoshii said publicly available images and videos of him appeared to have been used to create the fake identity, describing the incident as "creepy and frightening." He later received multiple reports that similar applicants using his identity had applied to other companies.

Analysis of the interview footage by several organizations, including Okta and a Tokyo-based deepfake detection startup, found a high likelihood the video was generated using AI. Investigators cited irregularities such as unnatural hairline boundaries, brief misalignment of the eyes and mismatched lip movements and audio.

Okta said more than 6,500 similar cases have been identified globally in recent years, involving individuals believed to be North Korean IT workers using fake identities to obtain remote jobs at foreign companies. Some cases involved earnings being transferred back to North Korea, potentially supporting its weapons programs.

A separate analysis by Trend Micro found evidence that North Korean cyber groups have been experimenting with deepfake technology and producing large volumes of falsified résumés, often claiming full-stack engineering expertise.

Security experts warned that such tactics, once concentrated in the United States and Europe, are now spreading to Japan. They urged companies to strengthen identity verification procedures, including multi-factor authentication and in-person interviews.

Researchers also noted that rapid advances in deepfake technology have made detection increasingly difficult without technical tools, recommending layered verification methods and in-depth technical questioning during hiring processes.

-- Reported by Asia Today; translated by UPI

© Asia Today. Unauthorized reproduction or redistribution prohibited.

Original Korean report: https://www.asiatoday.co.kr/kn/view.php?key=20260319010005830