Ask HN: What to do when you suspect your interview is with a state operative?

20•puppycodes•5mo ago

I'm curious what HN thinks is the best course of action when you are reasonably certain you have interviewed someone who is attempting to gain access to your company from a certain place that is famously totalitarian.

Let's assume they are a state actor, Here are some things that crossed my mind:

- Citizens from this region of the world are forced to do this and it amounts to slave labor. I have empathy for their situation. What is a responsible way to report things like this?

- I try to avoid communicating with law enforcement in general, is the FBI or other US agency the only avenue to warn others?

- Without hiring this person, what exposure should we worry about? What precautions are worth taking in the future?

Thanks for your insights :)

Comments

scrubs•5mo ago

Emphasing with the individual has merit, but on balance has the wrong framing. It's the org the individual is in that's the real problem. I'd tell the fbi. Being a nice guy is counter-indicated here. The other side certainly isn't.

Bender•5mo ago

Ask for a rep from your corporate security department, your legal department and your CSO for a quick meet-up and let them decide what to do. Hand it off to them so it is not your responsibility and so you can focus on your assigned tasks. Provide only the facts.

matt_s•5mo ago

What gave you the impression during what I would assume is a 1-2 hour interview that the person applying for a job is foreign agent?

Do the behaviors exhibited also align with other somewhat common candidate behavior like not being competent in what they say, being nervous, etc.?

puppycodes•5mo ago

I think determining whether they are or are not is very hard and full issues like bias toward english proficiency, culture and a whole bunch of stuff that could be problematic to screen for.

Thats why I phrased the question as assuming they are a foreign agent because the due dilligence one must do is probably particular to the job and company.

The evidence however seems like it will always be more or less circumstantial unless you have the time and resources to devote to a thorough background check.

channeleaton•5mo ago

I’ve posted about this problem before. It’s happened to me twice at two different companies.

This is a legit problem. They pose as American citizens or permanent residents. Sometimes even using a VPN into the US. HR folks would not catch on.

I’ve actually interviewed two of these people over the years. They somehow got through the initial screenings. It’s a bizarre experience. Most of the time there is a significant delay with silence between your question and their answer. It’s as if they’re being fed the perfect answer. Problem is they could never answer or pretended to not understand any follow-up questions.

You could always hear others in the background. One time I was given an answer that I had heard someone else in the room give just 2 minutes before.

The question that really solidified my hunch was about their location. The applicants would always claim to be from a very small town somewhere in the US. In my two experiences I happened to know a lot about those towns. The first said they “really enjoyed the mountains” when I asked what brought them to a Houston suburb. When I asked the other applicant if they had any damage from the hurricane that went through St. Augustine, FL, they replied “What hurricane?”

Now, neither of these people would have been hired even if they had stellar interviews as we do make use of background checks and verification services. This scheme really only works for third-party dev shops or desperate small companies.

I’m glad this problem is getting more attention.

runjake•5mo ago

If I was in the US and the state actor was not Israeli, I would contact my local FBI office and give them details.

They will be kinda rude and very short with you on the phone, but nonetheless, they will gather information from you, which will go into their systems and get paid attention to at some level. They seem especially interested in CN/NK/RU/IR actors, obviously.

If they were Israeli, I'd keep my mouth shut because I don't want to get in the middle of that, nor get on any radars.

Spooky23•5mo ago

Good advice. I’ve engaged with them before - in my case very professional to deal with.

stevenicr•5mo ago

npr had a segment not too long ago exposing this and walked through the steps for one company, and it led to additional training for HR and the first line of checking resmume's and such - can't recall the date it ran.

There have been similar stories recently: https://www.techtarget.com/searchSecurity/feature/How-to-spo...

https://www.wbur.org/onpoint/2025/06/12/cybersecurity-indust...

https://cloud.google.com/transform/ultimate-insider-threat-n...

https://ogletree.com/insights-resources/blog-posts/fbi-warns...

I think the npr segment was like a third party cybersecurity podcast they aired to buffer time in daytime(?)

Why there is no official statement from Substack about the data leak

Effects of Zepbound on Stool Quality

Show HN: Seedance 2.0 – The Most Powerful AI Video Generator

Ask HN: Do we need "metadata in source code" syntax that LLMs will never delete?

Pentagon cutting ties w/ "woke" Harvard, ending military training & fellowships

Can Quantum-Mechanical Description of Physical Reality Be Considered Complete? [pdf]

Kessler Syndrome Has Started [video]

Complex Heterodynes Explained

EVs Are a Failed Experiment

MemAlign: Building Better LLM Judges from Human Feedback with Scalable Memory

CCC (Claude's C Compiler) on Compiler Explorer

Homeland Security Spying on Reddit Users

Actors with Tokio (2021)

Can graph neural networks for biology realistically run on edge devices?

Deeper into the shareing of one air conditioner for 2 rooms

Weatherman introduces fruit-based authentication system to combat deep fakes

Why Embedded Models Must Hallucinate: A Boundary Theory (RCC)

A Curated List of ML System Design Case Studies

Pony Alpha: New free 200K context model for coding, reasoning and roleplay

Show HN: Tunbot – Discord bot for temporary Cloudflare tunnels behind CGNAT

Open Problems in Mechanistic Interpretability

Bye Bye Humanity: The Potential AMOC Collapse

Dexter: Claude-Code-Style Agent for Financial Statements and Valuation

Digital Iris [video]

Essential CDN: The CDN that lets you do more than JavaScript

They Hijacked Our Tech [video]

Vouch

HRL Labs in Malibu laying off 1/3 of their workforce

Show HN: High-performance bidirectional list for React, React Native, and Vue

Show HN: I built a Mac screen recorder Recap.Studio