August 21, 2025

How to Prevent Hiring Fraud and Uncover Insider Threats Using Nametag

by
Nametag Team
North Korea Blog Post Header
press@nametag.co

Get in touch with our PR team.

Download media kit

Logos and graphics to help you cover Nametag.

Nametag console showing a successful verification result

Workforce Identity Verification

Prevent breaches and reduce IT support costs with ready-to-use solutions built on Deepfake Defense™ identity verification and turnkey IAM integrations.

Five stars in a line
Learn how

North Korea has quietly infiltrated thousands of companies worldwide, including hundreds of the Fortune 500. The U.S. Department of Justice (DoJ) estimates that these schemes generate $225 million to $600 million annually.

In fact, North Korean IT workers are just one class of fraudulent workers; in the age of deepfake identities and remote work, hiring fraud poses a major challenge to enterprises which rely on global workforces.

Typical Hiring Checks Enable Hiring Fraud

Typical pre-employment controls like background checks, video interviews, and even I-9 validation were designed for a pre-genAI era. Amongst other tactics, tools and procedures (TTPs), North Korean IT workers use:

  • Stolen identities and SSNs to pass background checks.
  • AI-generated IDs to pass document checks and I-9 validation.
  • Deepfake video filters to mask their identity in live interviews.
  • Coordinated online personas that appear credible across social platforms.
  • VPNs, RATs and collaborators to hide their locations and activities.

These TTPs allow bad actors to pass through your hiring processes undetected, then gain long-term access to your systems, data and networks.

Critically, the spotlight being shone on the DPRK's TTPs also reveals how other bad actors might be fooling your security controls - and how to stop them.

Inside North Korea's IT worker playbook ->

Instead of relying on outdated mitigations which are proving to be ineffective, more enterprises are deploying workforce identity verification solutions throughout their candidate and new hire journeys.

With Nametag, you can ensure that only legitimate candidates are interviewed, and only verified hires are issued new account credentials.

How to Uncover Fraudulent Workers with Nametag

Nametag gives IT, HR and security teams a unified platform for verifying and reverifying candidates, employees and contractors. Our integrated solutions for interviewing, onboarding, account recovery and more protect your organization against a wide range ofexternal and insider threats.

Behind the scenes, our Deepfake Defense™ engine uses patented technologies to deliver an unmatched level of assurance that your employees are who they claim to be. Meanwhile, a deep range of data privacy configurations ensure alignment with your organization’s requirements, policies, and preferences.

1. Verify Job Candidates

Goal: Prevent bad actors from entering your hiring pipeline.

What: Verify that job applicants aren’t impersonating someone else.

When: At the application, interview, or offer letter stage (or all three).

How:

  1. Send a verification request from the Nametag console in 3 clicks.
  2. Job candidate verifies their identity in under 30 seconds.
  3. Verification results update instantly in your dashboard.
See how Nametag identity verification works ->

2. Reverify at Onboarding

Goal: Ensure the person starting work is the same person you hired.

What: Verify new employees when they onboard into your organizations.

When: Before allowing new hires to set passwords or enroll in MFA.

How:

  1. Point new hires to your secure onboarding site, powered by Nametag. 
  2. New employees verify their identity in <30 seconds using their photo ID. If they verified their ID at a candidate stage, they can skip the ID scan and reverify in under 7 seconds with a selfie.
  1. Verified hires can set passwords and enroll in MFA in your IAM providers. 
  2. Imposters are detected, surfaced, and blocked from receiving credentials.
Watch a demo of VerifiedHire™ onboarding ->

3. Reverify at Your Helpdesk

Goal: Verify the identity of every person contacting your employee helpdesk.

What: Uncover imposters and prevent social engineering of IT staff.

When: Any time someone opens a ticket or calls your IT department.

How:

  1. Send a verification request from the Nametag console in 3 clicks.
  2. Employees take a selfie to reverify their identity in under 7 seconds.
  3. Verification results update instantly in your dashboard.
Explore Nametag's helpdesk console ->

4. Reverify at Risky Moments

Goal: Prevent account sharing, credential theft, or shadow delegation.

What: Reverify employees and contractors when you flag certain risk signals.

When: Before granting privileged access, or triggered by risk signals.

How:

  1. Use your SIEM to automatically trigger identity verification at high-risk moments using Nametag’s integrations, or our API.
  2. Employees scan a QR code and take a cryptographically-protected selfie.
  3. Nametag’s Deepfake Defense™ engine reverifies them in <7 seconds total.
Learn more about reusability and reverification ->

5. Verify Your Existing Workforce (Optional, But Recommended) 

Goal: Uncover imposters and fraudsters who are already in your workforce.

When: Immediately, on a rolling basis, or as a standard part of ongoing audits.

How: Nametag provides three methods based on the urgency of the situation.

  1. High urgency: Deploy Nametag’s self-service account recovery solution, then require all of your users to reset their credentials via Nametag.
  2. Moderate urgency: Deploy Nametag’s self-service account recovery solution and then lock out a particular subset of employees or contractors, or use the Nametag console to verify high-risk or privileged users on a rolling basis.
  3. Lower urgency: Coordinate with your IT helpdesk to verify employees in cohorts, using Nametag’s console to quickly send and review verifications.

The Outcome: A Workforce You Can Trust

Enterprise hiring and onboarding, especially for remote and contract workers, often create a series of security loopholes. But they don’t have to.

Moving Nametag “upstream” in your employee journey helps you: 

  • Ensure compliance by preventing potential sanctions violations.
  • Mitigate risks which can compromise your entire identity security stack.
  • Save time and reduce costs by enabling more user self-service, safely.
  • Align HR, IT and security teams on hiring and onboarding threat models.

With Nametag in place:

  • North Korean IT workers are stopped before they infiltrate your org.
  • Only verified hires gain access to your directories and applications.
  • Hiring fraud schemes like work handoffs are uncovered and blocked.
  • Your hiring, IT, and security teams operate from a shared source of identity.

Hiring fraud is evolving, and your defenses must too. Nametag puts you ahead and keeps you ahead. Contact us for a live demo of our integrated solutions.

Secure your helpdesk against social engineering and impersonators.
Learn more about Nametag
Right Arrow Blue
We use cookies to provide, improve, and promote our services. By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage and assist in our marketing efforts. Visit our Privacy Policy to learn more.
Decline
Accept All Cookies