Employee in the USA caught ‘outsourcing’ his job to China

businessman

What do you do when you have a nice six-figure salary and are given the opportunity to work from home? Well, outsource your entire job to China of course! Okay, maybe not. But that’s what one US worker did.

Working as a software developer (in his 40s) in the United States for an unnamed US firm, he supposedly spent his work days watching YouTube videos and surfing around Reddit and eBay instead of doing any actual developing. How did he get away with it? By paying $50,000 every year — or about 1/5th of his substantial salary — to a company in Shenyang, China to do his job. As long as work was being done, no one was the wiser as to who was actually writing the code. Until recently.

The scam was discovered when the man’s employer asked Verizon to conduct an audit because they were suspecting a security breach. The company found some anomalous activity on its VPN logs and then eventually an active and open VPN connection from Shenyang to the employee’s workstation. They initially suspected malware that was being used to take confidential information from the company — until further investigations revealed hundreds of PDFs that turned out to be invoices from the Shenyang contractor. Andrew Valentine of Verizon revealed more information to the BBC:

“Authentication was no problem. He physically FedExed his RSA [security] token to China so that the third-party contractor could log-in under his credentials during the workday. It would appear that he was working an average nine-to-five work day.”

“Evidence even suggested he had the same scam going across multiple companies in the area. All told, it looked like he earned several hundred thousand dollars a year, and only had to pay the Chinese consulting firm about $50,000 (£31,270) annually.”

According to Mr. Valentine, the employee no longer worked at the company. Very clever, whoever you are Mr. Employee.

Update: This story originally stated the US employee in question worked for Verizon. That is wrong, the man did not (does not) work for Verizon. The company the man worked for is not known. Verizon did the security audit of the company.

[via BBC News, Verizon, image via Victor1558]

Share this post

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

14 comments

  1. That Aintnews

    I don’t see what the issue is. At JPMorgan Chase, they refer to that as “BAU” business as usual. An astounding amount of work is outsourced, to India and other countries where low-paid workers are willing to bend over backwards, while USA-based management and executives take ALL the credit and receive deplorably-high salaries and bonuses.

  2. kevbo

    I’ve got to meet this guy. I’ve been thinking this over since I first read this post this AM, I’ve almost got it all figured out. I’m going to get my kids working also; I’ve been keeping it a secret, but they’re genius coders at 9 and 11 years of age, ready for the right kind of ‘work from home’ company.

    We’re going to Disneyland. Woo-hoo!!

  3. JMJ

    @Enrique: I agree. This wasn’t some innocent, ingenious, Tom-Sawyer-like prank. Whatever his contract terms, compensation, etc., this guy seriously compromised the security of his company. Trade secrets, proprietary info, fellow employees, info system integrity… all these and more were placed at risk by this guy’s actions. Not knowing all of the facts, I’m still willing to bet heavily that he broke many laws and acted unethically.

  4. Enrique
    Author/Staff

    @Tom: He was being paid a very good amount of money to do his job. If he was just going to let someone else do it, maybe they shouldn’t have paid him that much? At all? Or they could’ve paid the guys actually doing the work. It probably also doesn’t say in his work contract that it’s okay not to do any work at all and just outsource it :)

  5. JMJ

    If only he had not illegally shared his logon credentials (and, of course, not having seen his employment contract), I’d applaud this guy.

    Hmm? Then again, he was sharing company data with an unauthorized third party. That would be like a forum moderator giving our email addresses and profile info to an outside source for replies to our comments without our knowledge or permission.

    I guess this guy isn’t to be applauded, afterall, huh?

  6. Tom

    Why do you call this a “scam”. There’s nothing here that suggests his employers didn’t receive the work required of him.

    If you buy a car from Ford, do you require it to be fully sourced/built within Detroit?

    While his approach may seem unorthodox to some, it is the heart of an entrepreneurial spirit.

  7. kevbo

    Very clever indeed, Enrique. This guy needs to write an “Outsourcing for Dummies” book, I’ll be one of the first to buy. My career path has just taken a sharp right turn, the possibilities now seem endless!! Thank you, Mr Employee, for the inspiration!