HYPR reports an attempted fraudulent hire that aligned with the wider DPRK IT worker threat but also warns that fake-employee schemes are broader than North Korea. The candidate passed early interviews but failed onboarding checks when location data changed, facial verification did not match the passport image, liveness detection failed, and the person refused live video verification. HYPR says no credentials were issued because account provisioning was tied to multi-factor identity verification, contrasting the case with incidents where fake workers received initial system access.