Darknet Diaries: 133: I'm the Real Connor

I remember this one time, I really botched a job interview.

I was young in my early 20s, and I applied to do surveillance at a casino.

You know, the eye in the sky, watch 20 monitor screens at once, and try to find someone cheating

or stealing things in the casino, and then call the security guards on them.

Well, I got an interview with the head of casino security, and things were going well.

We hit it off, and he liked my resume, but then he asked me one last question.

If you saw me stealing in the casino, would you turn me in?

Now, I was dumbfounded by this question.

What is this?

Some kind of ethics test?

I mean, he's the head of security.

If I saw him stealing, who would I even report it to?

I was baffled on how to answer this, but I wanted this job bad.

And so I did a whole bunch of mental gymnastics to try to read his face and see what answer

he wanted.

I mean, the first thing that popped into my mind was that quote from the cotton father

here.

Listen, you're my older brother, and I love you.

But don't ever take sides with anyone against the family again.

Don't take sides against the family.

Who do you think started the whole casino business?

It was mobsters.

So what did this head of security cherish more?

Me or the law?

It's an impossible thing to answer.

I felt as if I was on the poker table going head to head with him, trying to read what

cards he was holding, and my job was what was on the line.

Well, I blurred it out.

Of course I wouldn't turn you in.

You're my boss.

And with that, he stood up and said, thanks for coming in, but we're looking for someone

else.

Good luck.

And he reached out to shake my hand.

I quickly realized my mistake.

Taking the family side was the wrong answer.

It's the definition of corruption.

Even if he wanted me to always protect the family, this was just too soon of a test to

ask me something like that.

I wasn't part of the family yet.

Siding with him was taking sides against the casino itself.

And if he was actually corrupt, he wouldn't show his cards like that so early in the first

interview with someone.

So I reversed my position.

I shouted, no, no, no.

I would definitely turn you in.

The casino is who I work for, not you.

He smiled and shook his head and walked me to the door and said, better luck next time,

kid.

These are true stories from the dark side of the internet.

I'm Jack Reisider.

This is Dark Knight Diaries.

This episode is sponsored by Linode, which is now Akamai, and this is exciting news for

developers.

Linode is now part of Akamai Connected Cloud, the massively distributed edge and cloud platform

that puts apps and experiences closer to the users and keeps threats farther away.

Increased performance and speed to market with cloud computing services you're used

to, now running on the Akamai Connected Cloud.

All the developer-friendly tools that have helped you build on Linode for the past two

decades are still available now that Linode is part of Akamai.

In fact, they're expanding their services to offer even more cloud computing resources

and tools while providing reliable, affordable, and scalable solutions for businesses of all

sizes.

As part of Akamai's global network, they're also expanding data centers worldwide, giving

you access to even more resources to help you grow and serve your users.

Experience the power of Akamai Connected Cloud for yourself and see why developers worldwide

choose it for their cloud computing needs.

Learn more at akamai.com or linode.com.

That's spelled A-K-A-M-A-I dot com, or Linode is spelled L-I-N-O-D-E dot com.

This episode is brought to you by Furonis.

So many security incidents are caused by attackers finding and exploiting excessive permissions.

All it takes is one exposed folder, bucket, or API to cause a data breach crisis.

The average organization has tens of millions of unique permissions and sharing links.

Even if you could visualize your cloud data exposure, it would take an army of admins

years to write size privileges.

With how quickly data is created and shared, it's like painting the Golden Gate Bridge.

That's why Furonis built Least Privilege Automation.

Furonis continuously eliminates data exposure while you sleep by making intelligent decisions

about who needs access to data and who doesn't.

Because Furonis knows who can and who does access data, their automation safely remediates

risky permissions and links, making your data more secure by the minute.

Even when you're not logged in, Furonis is classifying more data, revoking permissions,

enforcing policies, and triggering alerts to their IR team to review on your behalf.

To see how Furonis can reduce risk while removing work from your plate, head on over to Furonis.com

slash darknet and start your free trial today.

That's Furonis spelled V-A-R-O-N-I-S dot com slash darknet.

So let's start out with who you are.

What do you do?

Yeah.

So I'm Connor Tummelsen.

I'm just kind of an engineer here in Tampa, kind of really gone up the steps over the

years.

I think I'm our director of engineering now, so I kind of just really do a lot of tech

stuff.

The main thing to know about Connor is he's spent years in the tech industry.

He's a great programmer, which has led him to become a director of engineering.

And he's content in his current role.

He's definitely not job seeking.

However, his resume is pretty nice and he's got a whole list of skills under his belt

and he has a great GitHub.

GitHub is a place where people go to share programming code they made.

And Connor has wrote a lot of code.

So Connor has published a lot of this code to GitHub for other people to see.

If you go there, you can see what code he's been writing since 2011.

In fact, he's posted new code 51,000 times over the last 12 years.

And what's interesting about GitHub is you can go back through those years and see every

line of code that he shared and what date he shared it.

Okay, September 14th, 2022, you get an email.

Yeah, I mean, it's crazy.

I'm sitting at lunch, you know, and your phone goes off and I get just one of those weird

subject titles that I think is just an easily deleteable one.

I think it word for word was something like Connor, your identity is stolen.

It does have a spammy taste to it, doesn't it?

I think I've probably gotten spam like this before, you know, click here to see if my

identity is stolen.

And I was just like, yeah, this is probably spam because it came from kind of an address

I didn't recognize.

It looked like a bunch of kind of foreign characters I didn't recognize.

And I was like, okay, this is, this is a delete.

But then before I deleted, I saw it in an attachment.

I was like, okay, I'm on my phone.

This is a, I think probably an easy preview, especially since it was kind of a suspect

email.

But you know, thankfully, I could just preview it and I previewed it and it was like my resume,

but it wasn't.

And I was like, this is really odd.

The email was from a guy named Andrew.

And Andrew is also a programmer, but he's just starting out in college and has only

posted a little bit to GitHub.

Andrew said someone found him and messaged him on GitHub and offered him a job.

But when Andrew asked more questions about the job, he was told he had to act like Connor

to get the job.

I kind of just quickly ate my lunch, you know, and kind of ran back to my computer and just

jumped on to view it, you know, in Gmail.

And at that point when I expanded it for real, I saw it was way more than like my resume.

It was like an introduction of me from like a, it was really rough reading it from very

first inspection.

Because it was like someone trying to pretend they were me because not only was the email

just clearly wrong, but the address was like a address that was for sale on Zillow kind

of right around where I live.

Then it was my resume.

Then it was like information about a company.

And then it was information of like a fake cover letter I wrote.

And at this point, I'm thinking, holy cow, what is, what is going on here?

Because now I think this is actually legitimate because there's someone that's put a great

deal of effort into taking a lot of my true, you know, like earned achievements, whatever

school, everything, but then mixed it with a bunch of things that are lies, which I think

funny enough boosted my resume in a way.

But yeah, they weren't true.

It was just a mixture of lies and truth in a huge document.

Okay.

Wow.

They took Connor's real resume, but changed just a few things like the email address,

physical address, and a few other accomplishments.

But all this sounds really spooky.

I mean, to get an email from someone explaining all this.

The person sending the email could be trying to help or they could be trying to scam Connor

into paying them to scrub this information off at some website or something.

What was the real intention of this Andrew guy who emailed him?

Yeah.

So it was weird.

He was telling me that there was this guy, Maris, and it's just a guy that was hiring

him to be an engineer.

And I was like, okay, what does that have to do with me?

And then he says, like, you know, in the next sentence in the email, he's like, it turns

out I was supposed to pretend to be you.

And I didn't feel comfortable with it and sent me the doc.

So I read that, I read the doc, and I'm still thinking, this is weird, because as you just

mentioned, like, I'm getting suspicious that the guy just wants me to sign into something,

buy something.

So I just sent a quick response and I said, so to get this right, you were hired at a

company and then paid to pretend to be me for an interview.

And he responds and goes, yeah, I'm about to go to class, but here's a few logs.

Snippets of just a Slack channel.

It seems like this guy, Andrew is responding to questions Connor has, but is equally as

confused as Connor is about this.

I mean, imagine someone messages you on GitHub offers you some paid work and when you say,

yeah, that sounds great, then they ask you to pretend to be someone else.

So Andrew was sending more information over to Connor screenshots of Slack chat that he

had with this Maris person.

And at this point, I'm actually just getting attached to this because in the screenshot

he sends me, he's talking about the interview that's supposed to be in like a few hours

time that I'm looking at of me that he is like, you know, no longer attending.

And this is crazy because I'm also talking to a coworker next to me at this point, like,

should I join this interview?

What is going on?

Like, I feel like someone is pretending to be me in an interview later today.

And that is kind of crazy to think about.

Oh, right.

This is an online video interview and it's all set up where the company is expecting

Connor to join and be interviewed.

And it was in a few hours.

This just gets wilder and wilder.

Connor starts wondering if he should join the interview.

And just to see what's going on, at the least he can inform this other company that they

shouldn't hire him because he's not actually applying for the job.

And that's going to be awkward to explain to them for sure.

All the while, Connor is trying to figure out why they took his resume to copy.

What was it about Connor that made his resume special?

Yeah.

And I think that's what really kind of really sketched me out or made me feel a bit uneasy

because at the end of the day, I thought, why not just make some AI generator random

document if you're trying to go out there and get jobs?

Connor still feels like he needs more details from Andrew.

Something just isn't adding up still.

I'm trying to actually email him a lot.

I'm saying like, hey, you could I need more info here.

I dug deeper into this and it's more creepy than I thought.

And I was like, hey, what more can you give me?

Can you give me all your email communications?

Can you tell me more?

And he was like, sorry, I'm going to class.

And I was like, oh, so the person that's helping me through this is no longer available.

How did Andrew get involved in this?

He mentioned that he kind of just got cold emailed, like just a random email, presumably

from his GitHub where someone reached out and said they were looking for a partner to

join him and needed a bit of development experience.

And this was a guy that was kind of a fresh developer right out of school that was looking

for a kind of place to work and it seemed like a great chance.

So I think he continued moving forward with his employment.

As they said, they needed a good English speaking engineer and he fed all those boxes.

Andrew ends up joining this company.

They get invited to a Slack channel and the same day he joins a Slack channel, roughly

a few hours later, he ends up getting just a bunch of messages.

So when Andrew joined this Slack chat, he was greeted by someone just named PND.

This PND person is acronym ends up posting to Andrew and says, hey, you're going to pretend

to be this person.

And it's a link to that document that he ends up linking or kind of sharing to me.

And that's when Andrew realizes, I don't really want to be part of this because Connor looks

like a kind of English speaking engineer.

Why am I pretending to be him?

And Meris, I mean, Meris or the PND, we don't really know who this person is, says, yeah,

Connor's not our engineers.

Is that going to be a problem for you?

And he says, yeah, it's his ethical kind of behavior and Andrew just ends up leaving

and taking a bunch of information with him.

So I'm thinking to Andrew, this guy's amazing.

Just leaked a bunch of information to me from this whole thing and I guess lost a job in

the process.

Probably not the best job, but for someone looking for work, I guess a job was a job.

I wonder how big of a decision this was for Andrew, a college kid looking for work, finding

a job that pays, but having to turn it down because it violates his ethics.

I bet there are quite a lot of college kids that would be up for it, you know.

And I wonder if this is a tactic that this Meris person or PND person targets college

kids because they need the experience and work and are more willing to take non-ethical

jobs.

I don't know.

Anyway, for Connor to get an email like this, it absolutely derailed his ability to concentrate

on anything at work that day.

I mean, he had to go to an interview that he did not set up.

And how do you even prepare for something like that?

Actually, it doesn't matter since there was just wasn't much time to prepare for it anyway.

Yep, exactly.

So I think I opened it around noon and the interview was at four or four thirty.

So it was a pretty quick turnaround on all this.

Andrew sent Connor all the information to join the interview.

And it, of course, had the Zoom link in the time and the company and the meeting.

And I was like, oh, this is crazy.

I'm going to use this for sure.

So then I joined it, but I actually joined the interview about five minutes before it starts.

And I'm just kind of sitting in a Zoom channel.

You know, it's the Zoom waiting room.

I can't really talk to anyone yet.

I'm stuck there.

And my fear is I'm sitting in this meeting and someone isn't enjoying before me like

another person, and then I'm stuck in kind of a debate.

But thankfully the interviewer, he shows up early and adds me.

And we both jump on video, kind of sitting in the same spot I am now.

And I say, hey, before we jump into interviews, you're not going to believe

anything I'm going to tell you, so I'm going to go really quick.

And I just proceed to tell this guy.

And I think I just spewed out as quick as I can of saying like, I didn't apply for this job,

but I am indeed the person that you have all the documentation for.

And he starts getting really confused here, trying to not follow what's going on.

I think at first he thinks I'm pranking him.

And I'm trying to explain, no, this is, this is legitimate.

I'm the real, I'm the real Connor, but I did not apply for this job.

And he starts like joking with me while your resume is really good.

We were hoping, hoping this was a real, real interview.

And while we're talking, I'm trying to explain what happened from my perspective

that I got an email, I'm asking him, can you share from your perspective

who applied for the job?

And while we're talking about this, because he lets me know that it was on

upwork, that my fake self applied for the job.

Then he tells me that there's another Connor Tumbleson in the waiting room.

And at this point, I'm kind of freaking out of it.

Because now another fake Connor has decided to join the call and he's

trapped in the meeting room.

And this interview guy, he goes, Hey, why don't you change your name,

turn off your camera and just sit in this call.

And I was like, Holy cow, that is amazing.

It was your idea.

I love it.

I want to sit here and figure out what's going on.

So I changed my name, you know, I'd turn off my zoom camera and I'm sitting

in the call when he admits another Connor Tumbleson.

And this is where the story goes even crazier is I then sit in a call and

listen to a guy with kind of this accent that I can't place.

I think I can safely say it's probably not American, but I don't know where.

And this guy then proceeds to say that he's Connor Tumbleson.

And not only that, he starts reading off all my accomplishes, even, even says

his GitHub address, which is odd because I haven't changed my alias,

online alias in like 20 years.

So I bought peaches everywhere as me.

So to hear someone say that, it was just extremely upsetting.

And I'm just sitting in this call listening to this guy, proceed to just

list things I can tell he's reading the sheet word for word that I'm looking at.

Man, I can't even imagine being in this scenario, listening in on an

interview with someone else pretending to be you trying to get this job.

What?

All the time fake Connor is speaking, the real Connor is muted listening.

How does he respond to all this?

How would you respond to this situation?

If I were him, I'd be freaking out wondering if I'm being pranked and wanting

to know who this guy is that's pretending to be me and who put him up to this?

Yep, definitely that.

And I'm talking to some coworkers at the same time during this because we're

just all sitting around because they're all at this point involved in the story.

And I couldn't say I'm mute any longer.

It was just really, really rough.

I thought I could sit there and just listen to information.

But I turned my camera on and kind of just started talking.

And I said, Hey, I'm the real Connor Tumbleson.

So who are you?

And I didn't get, I think more than five, 10 words out of my mouth.

And he just dropped the call, which was pretty sad because I really wanted to

figure out like if we could have just a candid conversation of why this was happening.

But he left the call immediately.

I was going through your mind after that interview.

Just the fact that another Connor joined the call of fake me.

I was so confused because I was under the impression initially that this guy I was

talking to Andrew had ended up joining the call and going forward with this.

And I was like, why, why would he do that?

He just leaked it all to me.

I couldn't really figure out in my head how there was actually someone joining the call.

So this P&D person set up this interview and asked Andrew to join it and pretend to be Connor.

Andrew said, no, for ethical reasons, but then someone else pretending to be Connor

did join the call.

Who was that person?

Yep, exactly.

So at that point I'm kind of talking to the interviewer again because the other Connor

has left the call and I was like, Hey, do you mind just sending me everything you have?

And I was like asking for who applied, how did he apply, et cetera.

And this guy goes, yeah, sure.

Can I have your email address?

And I was like, Hey, just take the email they gave you and take the two off the end of it.

Because like it was such an embarrassingly copied email.

It was just my email with a number two at the end.

So sure enough, this company, they then email me and it's just screenshots of Upwork.

And it's, this is where I got way more creeped out, is it was a fake Upwork of me.

And once again, it was a highly detailed resume's accomplishments.

They even had like a random lair bell certification I got from a few years ago.

And I didn't even put that on anywhere except in a tweet.

So I was like, this is a crazy amount of detail that someone went to to make a real

truthful, but also exaggerated in a lot of regards, Upwork account of me.

Stay with us.

There's more after the break.

Support for this episode comes from Exonius.

Complexity is increasing in IT and cybersecurity.

Adapt to the demands of your modern environment with Exonius and say goodbye to

manual asset inventory approaches.

The Exonius solution provides an always up to date inventory,

uncovers gaps and automates action, giving you the solid foundation you need to stay dynamic

in the face of complexity.

Go to exonius.com slash dark net to learn more and get a demo.

That's spelled A X O N I U S Exonius.com slash dark net.

Okay, so let's recap.

Someone made an Upwork profile using Connors resume and information,

and they were using that fake profile to apply for real jobs,

then getting someone else to act like Connor for the job.

Then that person would sit in an interview and pretend to be Connor.

Yeah, so Upwork is a place that freelancers can go to look for jobs.

Anything from design to IT or legal professionals,

freelancers will make an account saying what skills they have and that they're available

to work on these projects.

And either someone messages the freelancer about a job,

or a job gets posted on Upwork and freelancers can apply for it.

Someone made an Upwork account using Connors detail, some real, some fake,

and applied for jobs saying, look how great my profile is, I want to come work for you.

Yeah, and I think I honestly had never really used Upwork or, you know,

only slightly heard of it myself at the time.

So I was also googling, what is this thing?

And yeah, just as you described, it seemed like it was just an ad hoc

applying to a job as an individual using my fake information.

So at this point now that I have screenshots of my fake Upwork account,

including my real photo, that was like a recent work photo.

I was like, okay, this is getting really crazy now.

And I kind of thanked the interviewer for really letting me sit on the call.

I said, thanks for this info.

And took all that info and then wrote another kind of large email to Andrew,

where I kind of honestly asked him, was that you on the call?

Because I really had no idea what was going on at this point,

because I couldn't really figure out how a third Connor joined the call.

And Andrew, after he gets back from class actually responds,

and he gives me a ton of information.

He not only sends me every email that he, you know,

went back and forth with this Marist person to like establish this fake employment.

But he also sends me screenshots of all these Slack channels,

where he only joined that day as, you know, part of joining this kind of paid work.

So now I basically have Upwork screenshots, Slack screenshots, and email screenshots.

And as Connor looked through the information Andrew sent over,

he realized that some of the people communicating to Andrew also seem to be impersonators.

Like Marist, for instance, was a real person with a nice GitHub and stuff,

but it was probably not the real Marist who was messaging Andrew.

It's like a never ending circle of just bouncing between fake emails.

And that's where it just gets crazy of, I'm trying to follow this weirdness of,

I can't trust anything, everyone's fake.

The person Andrew was talking to is not even Marist,

because Marist is just another impersonated individual.

So I'm just really losing track of who's real or not.

A lot of these trails seem to come back to the person in the Slack chat app calling themselves PND.

PND is who told Andrew to impersonate Connor for the job.

And he's also telling everybody what to do in this chat room.

PND might also be Marist, I don't know.

But it seems that PND has a website called PND Design,

which offers coding and web design services.

And this gives Connor a new thread to pull on.

PND, I find their website because they just explained it in their Slack channel.

A PND Design, I just start doing basic things,

trying to figure out other websites PND Design built.

I'm just trying to figure out who owns PND Design.

I end up finding the person who owns it.

I call them once or twice, no one ever picks up.

I email them, no one ever responds.

I don't know what to do.

I just wanted to talk to someone who was associated with PND Design.

And they just never respond to any of my reach and out.

I don't remember if I put it in the blog post,

but I called a lot of the numbers that were in the document that Andrew got from PND.

And those numbers were like these American embassies in foreign countries.

I was like, this is crazy.

I was like, I didn't even mean to call these numbers.

And here I am thinking it's some official number for a business.

And I'm calling embassies.

It was just, it was strange.

Giving a fake phone number.

I love it.

It reminds me of this scene from the classic movie, The Blues Brothers.

Those cops took your license away.

They got your name, your address.

No, they don't got my address.

I falsified my renewal.

Put down 1060 West Addison.

1060 West Addison?

Strictly failed.

A good criminal will always throw people off

with what looks like real information, but is actually something bogus.

Yeah.

And I think on the same time, I'm like trying to behind all the websites that PND Design built.

And they have this weird obsession about disabling right click.

Like it seems like such an old technique to stop your right click.

And I'm just like finding all these sites.

And I think that they're in the hundreds of just all these sites that disable right click.

They have the same Google Analytics ID.

And they have this weird footer where it's like,

hey, we created it PND Design, but guess what?

Our CEOs by CEO crunches and our ITs by IT tech fixes.

And the design was via visible dev and all these companies are PND basically.

That's hilarious.

A web design company boasting about how they can create great looking websites,

but they didn't even create their own website.

The footer says it was made by someone else.

Connor wasn't sure what was happening, but thought that maybe companies were hiring

an individual to build their sites who then would turn the project over to PND Design

to do the actual work.

But he doesn't know it was just so frustrating to have all these puzzle pieces and have no

idea what the finished picture looks like.

But Connor does the only thing he can.

But just start emailing companies who PND claimed to have worked with.

He would write emails saying,

Hey, this is going to sound extremely strange, but I feel like I'm getting my identity

something impersonate.

I don't know how to explain it, but can you answer a simple question?

Did a company PND design build your website?

I thought it was a pretty simple ask.

Unfortunately, you know, some people told me some very just rough things,

like to just mind my own business, ignored me, or refused to help me.

Except for one guy that I think after I talked a few emails back and forth,

understood I was a real person.

And then finally told me, yes, we had never worked with this company before.

So at this point, I'm realizing that I don't think I can trust a single thing

that is going on in this Slack channel and this email chain.

And the story just continues to grow in these weird angles.

Things are just so weird at this point.

Was the PND person in the Slack channel actually affiliated with PND design?

Or were they just impersonating that company too?

So many layers of fakeness going on here and impersonations

that it's just really hard to know what's real and who to trust here.

So at this point, I felt like I had done a good deal of research.

I'd kind of tracked down who I thought was involved.

What was going on?

All thanks to Andrew kind of leaking this information to me.

And I think holy cow, I have a lot of information to finish my blog post

and kind of make a presentation.

Connor has tried to reach out to so many people involved,

but then realized, hey, wait, why not reach out to Connor?

Not the real Connor, but the fake Connor, the one who was impersonating him.

So he writes to it.

Why are you impersonating me?

I'm emailing myself my fake email.

Sure enough, the email account of my fake self responds and just tells me.

I don't remember exactly, but I think they said I look cute or something,

which I think is the strangest thing because I'm fuming kind of at this point

of why someone's using my real name and everything and they're just joking around.

Of course, I add that screenshot to the blog post.

And I think that's what a lot of folks on Reddit and Twitter all like the most

is just that random screenshot of me emailing myself.

The full response he got back from the fake Connor was,

sorry, but you have a great GitHub and you look cute.

Of course, Connor's first reaction is anger,

but perhaps there's a bit of information in there that's helpful.

Because then I finished that blog post,

and I think that's where the story gets even stranger.

Because that blog post just skyrockets to the top of hacker news within,

I think, an hour of me posting it.

And my poor little Linode server falls over

because it's never had more than like a thousand hits and it's getting 20,000 out of it.

What I didn't really recognize with getting to the top of hacker news

is how many people just offered to join your kind of investigation and search.

And then I have people everywhere just DMing me, messaging me of other similar emails and similar

kind of slacks and messages, but different names.

And I was like, this is a huge story because people are giving me personal examples where

they were like an interviewer.

Someone was like, I jumped on a call with someone because they wanted to talk through it.

And this one guy at a random company was like,

we were talking to an interviewee who didn't know anything of why he was on the call

or like who he was talking to.

He was asking us questions of why he was there.

And I was thinking, that's crazy because that kind of rings a bell.

If you don't know anything of why you're joining a call,

except given a document a couple minutes before you're supposed to be there,

I could see that happening.

And then people are telling me, oh, I live kind of by where P&D Design is in their headquarters.

And they're like, we'll go visit the office for you.

And I was like, well, thanks.

And it starts piecing together some things.

So Connor starts learning all kinds of new things

about this mystery from the help of people on the internet.

It turns out there's a story that Brian Krebs wrote a while ago,

which talks about faked LinkedIn profiles.

I then gets a link to, you know, Brian and Brian Krebs of just all of his investigative research.

And someone links me to one of his articles,

where he was like investigating all these fake LinkedIn profiles

of like the upwards of 100, 200,000 of them.

And I'm thinking, this is insane.

There's people, all these fake profiles on LinkedIn.

I know they're on Upwork.

I was like, the story is huge.

I just unfortunately was one person that's a bit more connected than I think of others

that may have no idea that their information was harvested

to make like a real look in profile to then use to kind of get a job from.

So this article is interesting.

LinkedIn is where people go to look for jobs and network and do hiring.

But there's a huge amount of fake profiles being created every day.

These profiles are real tricky though,

because they're like half AI generated and half real.

And they take some real information from certain LinkedIn accounts,

but then change a few things on it.

And these fake accounts start creating connections and joining groups.

And then the fake accounts start applying for jobs.

Real jobs.

And it's a real pain in the neck for LinkedIn to try to figure out who's real

and who's fake on here.

And the comments on this article are just filled with people saying how they've had

a bunch of fake people apply for jobs at where they work.

And recruiters have to do this extra step at verifying people's actual identity,

which makes me think, how exactly can someone actually get a job using someone else's name?

In the U.S., you have to fill out tax documents and stuff

that if you work there, you can't forge this stuff.

And where are the paychecks going to be sent to you?

Yeah, I mean, it has to get crazy because at that point you're thinking,

let's say that goes successfully and you end up hiring a fake me.

We can tell from the Slack conversations that had Andrew successfully done this interview,

he doesn't need any technical experience at this point

because they say all technical requirements should just be gathered

and given back to the Slack channel,

where presumably a lot of engineers are waiting to do whatever task is requested.

So then I'm thinking at this point, you are basically becoming maybe a project owner,

manager, or someone to just manage engineers behind you,

but you're just the front-facing English-speaking person.

And I think that's a motto and business design that happens and works everywhere.

So I'm thinking, why is this happening in a more malicious intent way?

Of hiding that.

And I'm thinking maybe this is some upwork thing where it's easier to hire an individual

that's maybe masquerading as a company behind it.

And I'm getting confused because I'm thinking, how are you getting paid?

What is the legal, what social security numbers are you getting used?

Like this is just employment at the end of the day.

I don't think you can hide it or pay by Bitcoin forever.

There has to be something where some real names come out.

And then when this blog post is out there and more and more people are reporting this,

I'm thinking this must be working because so many people are telling me that they're finding

like cold emails to them to be part of it, or it's happened to them,

or they've interviewed people they suggest like guessed it happened to.

There was a time where I was trying to find someone on one of these freelance websites

to make a video game for me.

And they claimed to be American with great coding skills.

But then when I asked for a phone call, the story quickly changed to be a person from India

and it was also not a single person, but a whole team of people ready to work on my project.

So what Connor said, maybe what's going on here,

get Andrew to be the token American English speaker,

and then they can advertise themselves as American based to ask for a higher rate.

Sometimes people are hesitant to join with another company or work with them,

versus doing a quick contract job with a single individual.

But what if you're like working with a single individual

who's kind of hiding behind a company just without your knowledge?

And I think that is maybe what's kind of an attraction on Upwork,

is you get these individuals kind of even fake me profiles

that come in at really low offers of working and say,

I'm a single individual, I can do all these tasks with a really great resume,

but little do you know if you hire that individual that you might have an entire

dev team behind you that you just never meet, know or interact with.

And I think that's my current running theory.

Okay, but back to the email, the fake Connor sent the real Connor.

It said, you have a great GitHub and you look cute.

Okay, let's put aside that look acute part.

The great GitHub is the curious point for me.

Like I said, Connor has contributed code 51,000 times to GitHub in the last 12 years.

That I think is what is great about it.

That alone, what I mean is you can't go back in time on GitHub and post code.

That is, you can't create an account that looks like the person has been there for 12 years

and has all this coding experience unless you're spending 12 years posting code on GitHub.

So the fact that Connor has been posting code there for 12 years does in fact

make him look like a well-established veteran coder who knows his stuff.

And that goes a long way with job recruiters.

I think probably on GitHub, it's probably definitely harder to make fake ones because

you can just look back, I think on my profile and see a couple of 10,

15 years of just commit history.

I think you definitely copy and pasting those.

Even if you took all the repos, you can have a pretty empty historic graph.

And maybe that's exactly why people just, it's easier just to claim one is yours and talk about it.

Yes, I think so too.

That's something you can't fake easily.

A longstanding reputation of pushing code to GitHub is attractive to employers.

So that is exactly why I think Connor got his identity stolen.

Someone, I don't know, PND, Maris saw Connor's GitHub and liked it.

And that's why they took his identity.

After Connor posted this blog post, he gave a talk at a conference in Tampa.

And someone who read his blog post came up to him after the talk

and told him another crazy story.

He said,

To be honest, I've had two jobs and I'm working too remotely.

And the other companies don't know.

And he had invested in all these like switchers to jiggle a mouse and use two computers.

And this guy's like saying, I don't think I'm doing anything kind of wrong.

I'm just working two jobs at once and none of the other companies know.

And I think, holy cow, this guy's just dumping knowledge out to me.

And I was thinking, is this, this whole employment remote is crazy.

I stumbled upon this same stuff too.

I recently found a subreddit called r slash over employed.

And it's all about people who are gaming the whole work from home thing,

having two full time jobs at the same time.

That is, they go to work from nine to five,

but are working at two different places at the same time.

And neither company knows they're actually spending half the time at some other company.

And yeah, there's articles on this r slash over employed subreddit

that tell you things like how to look productive

when you're not at your keyboard and stuff,

like having mouse jigglers move your mouse around for you,

or how to automate some of the tasks to look productive.

They also have listings of which companies are over employed friendly.

One of the top posts there is someone saying they now work five jobs,

bringing in a total of $1.2 million a year.

And here's how I did it, ask me anything.

And while that's crazy, this gives me all kinds of business ideas.

Like let's say I get a job working remotely somewhere,

but then outsource my job to someone else who wants to do it for half the pay.

And yeah, if I could do that, then why not get another job

and outsource that to someone else?

And so now I've got all these jobs that I'm doing work for,

but I'm actually not doing the work for them.

Someone else is doing it for me.

I mean, that is clearly unethical,

but I guarantee with the wave of working from home jobs out there that it's happening.

Oh, and let's not forget what happened to John Woo.

I talked with him on episode 119,

and he thinks that someone from North Korea tried applying for a job where he works,

who could have very well been trying to get a job there

just to steal the cryptocurrency from their company.

Yeah, that's a crazy one too.

I think one person tweeted me that one,

of maybe it's just a kind of state-sponsored unlimited budget.

Just see how many kind of companies you can join and then extract information.

So did you ever get to like speak with PND or Meris or whoever and say,

dude, what is going on here?

No, unfortunately, neither.

I had sent many emails to Meris, the real Meris email,

and never got a response.

And I just gave up calling, leaving voicemails with PND.

I sent LinkedIn messages.

I sent more.

I kind of even worded things as I just want to have a good conversation,

but just no response.

Is that where we are today?

Yeah, today I think kind of where I am now is I continue to research

things people will give me and just go through this entirely large list of,

I'd say, roughly 100 websites.

And I'm just continuing to reach out and find contact information for all of them

to just see if anyone is willing to talk to me on who built their website,

how's the interaction, and all the communication between them and the company

to kind of figure out if I can find any more information.

Besides what I continue to find is just fake emails, generic documents,

and any lack of just true real information.

Because I think someone paid someone at some point and knows some real info.

What a weird time it's becoming, isn't it?

I mean, this is just the modern world that we're in now.

We're working from home is more popular than ever,

and it seems to be ushering a whole new set of scams.

Or are they even scams?

I guess if you're misrepresenting yourself, then it is a scam.

Even if you're not trying to trick someone to give you money for nothing,

just lying to score a contract seems scammy to me.

I think if you're hiring today, you should be very cautious of the people

who are applying for your position because they might not be real.

And if they are claiming to be someone,

maybe double check with the person that they're claiming to be

by reaching out to them separately.

Just be safe out there as our world keeps evolving

and becomes more tricky to navigate.

A big thank you to the real Connor Tumbelsen for coming on the show

and telling us this crazy story.

You can see what he's blogging about over at connortumbelsen.com.

And don't forget on the website darknetdaries.com

is a link to all the articles mentioned in these episodes,

as well as full transcripts of every episode.

This show is made by me, the Cyber Samurai Jack Reciter.

This episode was written and produced and edited by the cheerful Tristan Ledger.

Sound design was done by Garrett Tiedemann,

mixing by Proximity Sound,

and our theme music is by the mysterious Brickmaster Cylinder.

I was once asked in an interview if I'm any good at Microsoft Office,

and I told them I excel at it.

And the interviewer asked me, was that an office pun?

And I said, word!

This is Darknet Diaries.

Machine-generated transcript that may contain inaccuracies.