The ruse — highlighted in a Verizon case study — was carried out by an employee called “Bob” who worked at an anonymous “critical infrastructure company”. The trick was only spotted when someone noticed suspicious activity on the company’s VPN log. The report explains:
“We received a request from a US-based company asking for our help in understanding some anomalous activity that they were witnessing in their VPN logs. Plainly stated, the VPN logs showed [Bob] logged in from China, yet the employee is right there, sitting at his desk, staring into his monitor.”
While Bob apparently received glowing performance reviews, all of his development work was being carried out from China. In fact, he pulled off the same scam across multiple companies concurrently, earning “several hundred thousand dollars a year”.
Further investigation revealed a typical day’s work for Bob included: reading Reddit for two hours, shopping on eBay for an hour, browsing Facebook for two hours, and checking LinkedIn for a further two hours. Looks like he’ll be spending more time on LinkedIn from now on. [Verizon via The Inquirer]