Banks Battle Fraudulent Remote Workers Infiltrating Networks

At the 2026 RSA Conference on Monday, Capital One's chief technology risk officer Andy Ozment warned U.S. banks that fraudulent remote workers — from 412,000 double-dippers to shadow subcontractors and organized North Korean operatives — are infiltrating corporate networks. He said such schemes have led to data theft, IT sabotage and regulatory exposure, and industry teams have detected tactics like KVM-based laptop farms and more than 1,800 suspected DPRK operatives blocked since April 2024.
Key Points
- 1Identify three fraud types: double-dippers, shadow subcontractors, and nation-state DPRK impostors
- 2Explain high risk: these schemes enable data theft, IT sabotage, and regulatory violations
- 3Recommend defenses: multi-stage screening, endpoint telemetry, behavior correlation, and executive oversight
Scoring Rationale
Actionable, industry-wide intelligence with credible sources drives score; limited novelty beyond ongoing employment-fraud reporting slightly constrains impact.
Sources
Public references used for this report.
Practice interview problems based on real data
1,625 SQL & Python problems across 15 industry datasets — the exact type of data you work with.
Try 250 free problems

