Ask HN: What to do when you suspect your interview is with a state operative?

20•puppycodes•5mo ago

I'm curious what HN thinks is the best course of action when you are reasonably certain you have interviewed someone who is attempting to gain access to your company from a certain place that is famously totalitarian.

Let's assume they are a state actor, Here are some things that crossed my mind:

- Citizens from this region of the world are forced to do this and it amounts to slave labor. I have empathy for their situation. What is a responsible way to report things like this?

- I try to avoid communicating with law enforcement in general, is the FBI or other US agency the only avenue to warn others?

- Without hiring this person, what exposure should we worry about? What precautions are worth taking in the future?

Thanks for your insights :)

Comments

scrubs•5mo ago

Emphasing with the individual has merit, but on balance has the wrong framing. It's the org the individual is in that's the real problem. I'd tell the fbi. Being a nice guy is counter-indicated here. The other side certainly isn't.

Bender•5mo ago

Ask for a rep from your corporate security department, your legal department and your CSO for a quick meet-up and let them decide what to do. Hand it off to them so it is not your responsibility and so you can focus on your assigned tasks. Provide only the facts.

matt_s•5mo ago

What gave you the impression during what I would assume is a 1-2 hour interview that the person applying for a job is foreign agent?

Do the behaviors exhibited also align with other somewhat common candidate behavior like not being competent in what they say, being nervous, etc.?

puppycodes•5mo ago

I think determining whether they are or are not is very hard and full issues like bias toward english proficiency, culture and a whole bunch of stuff that could be problematic to screen for.

Thats why I phrased the question as assuming they are a foreign agent because the due dilligence one must do is probably particular to the job and company.

The evidence however seems like it will always be more or less circumstantial unless you have the time and resources to devote to a thorough background check.

channeleaton•5mo ago

I’ve posted about this problem before. It’s happened to me twice at two different companies.

This is a legit problem. They pose as American citizens or permanent residents. Sometimes even using a VPN into the US. HR folks would not catch on.

I’ve actually interviewed two of these people over the years. They somehow got through the initial screenings. It’s a bizarre experience. Most of the time there is a significant delay with silence between your question and their answer. It’s as if they’re being fed the perfect answer. Problem is they could never answer or pretended to not understand any follow-up questions.

You could always hear others in the background. One time I was given an answer that I had heard someone else in the room give just 2 minutes before.

The question that really solidified my hunch was about their location. The applicants would always claim to be from a very small town somewhere in the US. In my two experiences I happened to know a lot about those towns. The first said they “really enjoyed the mountains” when I asked what brought them to a Houston suburb. When I asked the other applicant if they had any damage from the hurricane that went through St. Augustine, FL, they replied “What hurricane?”

Now, neither of these people would have been hired even if they had stellar interviews as we do make use of background checks and verification services. This scheme really only works for third-party dev shops or desperate small companies.

I’m glad this problem is getting more attention.

runjake•5mo ago

If I was in the US and the state actor was not Israeli, I would contact my local FBI office and give them details.

They will be kinda rude and very short with you on the phone, but nonetheless, they will gather information from you, which will go into their systems and get paid attention to at some level. They seem especially interested in CN/NK/RU/IR actors, obviously.

If they were Israeli, I'd keep my mouth shut because I don't want to get in the middle of that, nor get on any radars.

Spooky23•5mo ago

Good advice. I’ve engaged with them before - in my case very professional to deal with.

stevenicr•5mo ago

npr had a segment not too long ago exposing this and walked through the steps for one company, and it led to additional training for HR and the first line of checking resmume's and such - can't recall the date it ran.

There have been similar stories recently: https://www.techtarget.com/searchSecurity/feature/How-to-spo...

https://www.wbur.org/onpoint/2025/06/12/cybersecurity-indust...

https://cloud.google.com/transform/ultimate-insider-threat-n...

https://ogletree.com/insights-resources/blog-posts/fbi-warns...

I think the npr segment was like a third party cybersecurity podcast they aired to buffer time in daytime(?)

Show HN: Glimpsh – exploring gaze input inside the terminal

The Optima-l Situation: A deep dive into the classic humanist sans-serif

Barn Owls Know When to Wait

Implementing TCP Echo Server in Rust [video]

LicGen – Offline License Generator (CLI and Web UI)

Service Degradation in West US Region

The Janitor on Mars

Bringing Polars to .NET

Adventures in Guix Packaging

Show HN: We had 20 Claude terminals open, so we built Orcha

Your Best Thinking Is Wasted on the Wrong Decisions

Warcraftcn/UI – UI component library inspired by classic Warcraft III aesthetics

Trump Vodka Becomes Available for Pre-Orders

Velocity of Money

Stop building automations. Start running your business

You can't QA your way to the frontier

Show HN: PalettePoint – AI color palette generator from text or images

Robust and Interactable World Models in Computer Vision [video]

Nestlé couldn't crack Japan's coffee market.Then they hired a child psychologist

Notes for February 2-7

Study confirms experience beats youthful enthusiasm

The Big Hunger by Walter J Miller, Jr. (1952)

The Genus Amanita

We have broken SHA-1 in practice

Ask HN: Was my first management job bad, or is this what management is like?

Ask HN: How to Reduce Time Spent Crimping?

KV Cache Transform Coding for Compact Storage in LLM Inference

A quantitative, multimodal wearable bioelectronic device for stress assessment

Why Big Tech Is Throwing Cash into India in Quest for AI Supremacy

How to shoot yourself in the foot – 2026 edition