Skip to content

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Mandatory Privacy Policy

To the extent you are completing this form on your own behalf, and not on behalf of your agency or organization, be advised that the information on the form is being collected in accordance with the Privacy Act Statement on the IC3 homepage, https://www.ic3.gov/Home/Privacy. Whether you are completing the form on your own behalf, or on behalf of your agency or organization, you are requested to avoid including, to the extent possible, the personally identifiable information of others. Visit IC3's Privacy Notice page for more information.

The FBI's Denver Division is seeking to identify potential victims of a North Korean Remote IT Worker scheme. The North Korean government has dispatched thousands of skilled IT workers around the world, including to China and Russia, with the aim of deceiving U.S. and other businesses worldwide into hiring them as remote IT workers to generate revenue for the regime. DPRK IT worker schemes involve the use of stolen identities, pseudonymous email, social media, payment platform, and online job site accounts, as well as false websites, proxy computers, and witting and unwitting third parties located in the United States and elsewhere.

If you have already received a notification from the FBI identifying you as a victim of the North Korean Remote IT Worker scheme, please use your Victim Identification Number (VIN) in the form below to receive the specific personally identifiable information (PII) the investigation has identified related to your potentially fraudulent employee(s).

A red asterisk (*) indicates a required field.