How to Verify a Remote Worker’s Identity
You are about to hand a company laptop, a payroll record, and system access to someone you will never stand in a room with. Remote hiring removes the one thing that used to confirm identity for free: a real face, in real life, at a real address. In its place sit threats that exist only because the meeting is virtual, a deepfaked or proxy-run video interview, a request to ship the laptop to a stranger’s house, and organized fraud rings placing workers under borrowed identities from another country and another time zone. This guide is about defeating exactly those remote-only attacks: how to break a deepfake on a live call, how to read the laptop-shipping and proxy tells, how IP, VPN, and time-zone signals expose a worker who is not where they claim, and how lawful public-records research confirms that a person you will never meet is real and is who they say.
The Short Version
Verifying someone you will never meet in person is a different problem from verifying a walk-in hire, because the threats are remote-only. On the live call, defeat a deepfake or proxy with unscripted liveness checks: ask them, without warning, to turn their head fully in profile, wave a hand slowly across their face, and hold their ID up beside it, the moves current face-swap and avatar tools still struggle to render cleanly. Watch the logistics, too: a request to ship the company laptop to an address that is not theirs is the signature of a laptop-farm proxy, and a “local” candidate whose IP, VPN exit, working hours, and accent point to a different time zone may not be where, or who, they claim. These tells expose the organized remote IT-worker fraud that is built specifically to pass a video interview. The document and I-9 fundamentals matter, but they are the same for every hire and we cover them on our companion guide to verifying a job applicant’s identity. Here we focus on the remote-only attacks, and People Locator Skip Tracing closes them with lawful public-records research that confirms a person you cannot meet is real and consistent. This is general public-records research, not a consumer report, and we are not a consumer reporting agency, so any FCRA-covered hiring decision still runs through a compliant background check.
Watch: Verifying a Remote Hire
Beating the deepfake interview and the laptop-farm proxy when you will never meet.
Watch Overview
Beating the Deepfake Interview
When you will never meet the person, the video call is the front line, and it can lie.
The video interview used to be the safe part of remote hiring, the moment you finally saw a real human. That assumption no longer holds. Off-the-shelf face-swap and real-time avatar tools now let one person sit in front of a camera while a different face, often the face on a stolen ID, is rendered live over theirs. A confident applicant, a clean ID held to the lens, and a smooth conversation can all be synthetic, or a proxy: a real person on camera answering for, and looking nothing like, whoever would actually do the job. Because you will never share a room with this hire, the call is the only live signal you get, so you have to actively try to break it rather than passively watch it.
Liveness checks defeat most of this, and they cost nothing but the nerve to ask. Without advance notice, ask the candidate to turn their head fully to one side, then the other: real-time face-swap models still smear or warp at a sharp profile, where there is little training data. Ask them to slowly pass a hand in front of their face or hold the hand flat against a cheek; the overlay often glitches, doubles an edge, or makes the hand vanish behind the rendered face. Ask them to stand and step back from the camera, to hold their ID up beside their face and tilt it under the light so the photo and the live face share the same shadows, and to change the lighting by turning a lamp on or off, which avatars struggle to relight convincingly. A genuine applicant does all of this in a second; an impostor stalls, kills the camera “to fix the connection,” or produces a face that lags the voice and the room. None of these is proof on its own, but a candidate who fails several, or refuses the exercise, has earned a hard pause and deeper verification before anything is shipped or granted.
What Distance Takes Away
The protections you take for granted in person quietly disappear online.
In a traditional hire, identity is confirmed almost by accident. The candidate walks into your office, hands you a physical ID you can hold up to the light, sits across from a manager, and later shows up at a known address with a real face attached to a real commute. Remote hiring strips every one of those anchors away at once. The ID is a photograph that may have been altered. The interview is a video feed that can be filtered, deepfaked, or run by a different person than the one who will do the job. The address is a line on a form, the references are phone numbers and emails the candidate controls, and the laptop goes wherever they tell you to ship it. Nothing here is inherently fraudulent, but every signal that proximity used to verify for free is now something the applicant supplies and you must confirm at a distance.
The basics of identity, examining a government ID, completing Form I-9, and matching the name and number, are the same for a remote hire as for a walk-in, so we keep those fundamentals on our companion page about verifying a job applicant’s identity rather than repeat them here. What is genuinely different about remote work is that those document steps now happen entirely over a screen the applicant controls, and a polished fake can pass them without ever being where, or who, they claim. Closing that distance gap is not paranoia; it is doing in deliberate checks what standing in the same room used to do automatically, and the rest of this guide is the remote-specific playbook for it.
Red Flags Unique to a Worker You Never Meet
Any one can be innocent. Several together is your cue to break the call and verify the person behind it.
The Camera Glitches on Demand
Video stays off, or it freezes precisely when you ask for a head-turn, a hand-wave, or the ID held to the lens, the moves that break a live face-swap.
Ship the Laptop Somewhere Else
A request to send the company laptop to an address that is not the worker’s, the signature of a laptop-farm proxy receiving and relaying gear so the work looks domestic.
The Time Zone Does Not Fit
A “local” hire whose online hours, daylight in the window, and accent point to a region hours away from the address on the form.
VPN and IP Masking
Logins routed through a residential-VPN or relay exit, an IP that never matches the claimed city, or an insistence on remote-desktop tools that hide the real machine and its location.
A Face That Lags the Voice
Lips slightly out of sync, a hairline or glasses edge that shimmers, lighting on the face that never matches the room, the small tells of a rendered or proxied interview.
Two Different People
The voice, level, or appearance on the interview does not match the person who later joins onboarding, a hint the interviewee was a proxy for whoever actually got hired.
The Laptop Farm and the Remote IT-Worker Scheme
The organized fraud built specifically to pass a video interview from another country.
The laptop-farm proxy. The single most distinctive remote-hire fraud has no in-person equivalent at all. After a worker abroad is hired under a borrowed U.S. identity, they cannot have the company laptop shipped to their real address overseas, so a domestic accomplice receives it. That helper runs the machine from inside the country, often loading remote-access software so the actual worker, thousands of miles away, controls it as if sitting at that desk. To you, the traffic, the IP, and the shipping address all look domestic. The fingerprint is in the logistics: the “ship it to my cousin’s place” request, equipment going to an address tied to no one on the paperwork, and a worker who insists on a particular remote-desktop tool. A walk-in hire never needs any of this; a laptop farm cannot function without it.
The organized IT-worker ring. Federal investigators have publicized coordinated operations, prominently involving overseas IT workers, in which large numbers of remote technical jobs at U.S. companies are filled under stolen or rented American identities, the wages routed abroad and, in the worst cases, the access used to steal data or funds. These are not lone applicants; they are run at scale, with prepared biographies, coached interview answers, deepfake or proxy video, and the laptop-farm logistics above, all engineered to satisfy a document check and a polished video call. Public advisories and indicators from federal agencies, reachable through the U.S. government’s official portal, describe exactly this pattern and the warning signs to watch for.
Why it all routes back to the person. Every layer of these schemes, the rented identity, the relayed laptop, the masked IP, the rendered face, exists to make a worker you will never meet appear to be a local, ordinary hire. None of it survives contact with the real public-record footprint of the person being impersonated, which is where lawful research closes the loop the document and the call leave open.
Which Remote Check Catches Which Attack
Each remote-only fraud is defeated by a different signal. Map them so nothing slips through.
| The Remote-Only Attack | The Check That Catches It | What Alone Will Miss It |
|---|---|---|
| Deepfake or avatar on the call | Live, unscripted liveness moves (profile turn, hand-wave, relight) | A passive “camera on” video alone |
| Proxy answering for the real worker | Same-person check at interview and onboarding; ID held to lens | A single pre-scheduled interview |
| Laptop-farm relay | Equipment shipped only to the worker’s own verified address | Trusting the shipping address on the form |
| Worker in a different country or zone | IP, VPN-exit, and working-hours consistency vs. the claimed city | A document scan, which carries no location |
| Borrowed or rented identity | Public-records footprint that must trace to the applicant | An ID that scans clean because it is real |
| People Locator Skip TracingRecords Layer | Lawful research tying name, address trail, and footprint to the real person | Pair it with your live-call and logistics checks |
The table is a defense map for a hire you will never meet: each remote-only attack has a signal that exposes it, and the danger is leaning on one check that the others were meant to back up. Trusting the video without forcing liveness, or trusting the shipping address without confirming it is the worker’s own, is how a coordinated scheme walks through. For the document and screening fundamentals that sit underneath this, our plain-language guide to the different types of background checks lays out how identity, criminal, employment, and records searches differ and where each one stops.
The Remote Verification Playbook
The order that closes the distance before any laptop ships or access is granted.
Break the Call with Liveness
On live video, ask without warning for a full profile turn, a hand passed across the face, ID held beside the face, and a lighting change. Watch for warping, lag, or a sudden “connection” excuse, the tells of a deepfake or proxy.
Check Where They Actually Are
Compare the login IP and VPN exit, the working hours, and the daylight in the window against the city they claim. A residential-VPN relay or a time zone that does not fit is your cue to dig before onboarding.
Control the Laptop and the Address
Ship equipment only to an address verified as the worker’s own, never a redirect. Treat a “send it elsewhere” request as a possible laptop-farm relay and confirm the address ties to the actual person before anything goes out.
Trace the Person You Cannot Meet
Hand us the claimed name, address, and history. We confirm through public records that they trace to one real person, then any FCRA-covered decision runs through a compliant screening provider.
Confirming a Person You Will Never Meet
The footprint is the one signal a deepfake, a VPN, and a relayed laptop cannot fake.
Every remote-only trick so far, the rendered face, the masked IP, the proxy laptop, defends the surface of the interaction. None of it builds the decades of public-record residue a real life leaves, so when you cannot meet a worker, that footprint becomes the anchor the fraud cannot forge. When an applicant claims a name, an address, and a work history, those claims should echo across independent sources, and the absence of that echo is itself informative. Lawful research can confirm an address and residence history that matches the timeline a candidate gives, rather than an address that appears nowhere or belongs to the identity-theft victim being impersonated. It can test whether the employer the applicant names lines up with where the records actually place them, which is where a fabricated remote work history tends to fall apart. Where a contractor claims to operate through a company, you can check whether that business is genuinely registered and tied to them rather than a shell built for the application.
Just as telling is what does not appear. A real person who has lived and worked for years accumulates a layered record; a synthetic or freshly assembled identity is conspicuously thin, with no older addresses, no consistent prior employers, and references that all loop back to the same controlled contacts. None of this is a verdict on the candidate by itself, and a sparse record alone is not proof of fraud. It is a set of questions that a legitimate applicant can answer easily and an impostor usually cannot. For the formal employment-screening side, our overview of how to run a background check walks through doing it the compliant way once you have decided to proceed.
Where the Line Is: Research vs. Screening
An important boundary that protects you and the applicant.
Identity verification and a regulated background check are not the same thing, and treating them as interchangeable creates legal exposure. The public-records research described here is general investigative research to confirm that a person exists and matches their story; it is not a consumer report, and People Locator Skip Tracing is not a consumer reporting agency. That distinction is not a technicality. When you make an actual hiring decision, including hiring, firing, or rejecting based on someone’s background, the federal Fair Credit Reporting Act governs how that information must be obtained and used, including written consent and a specific adverse-action process if you decline someone based on a report.
So use the two tools for what each is built to do. Use lawful identity and public-records research to satisfy yourself that the person on the other end of the connection is real and is who they claim, and pause anything that does not add up. Then, for the formal employment screening that informs the FCRA-covered decision itself, work through a properly regulated background-check provider that operates under those consumer-protection rules. Knowing in advance what a compliant background check actually surfaces helps you scope that step correctly. Keeping the research stage and the regulated-screening stage clearly separate is how you verify diligently and stay on the right side of the law at the same time. This page is general information, not legal advice.
Who This Helps
Anyone bringing on a person they have never met in the same room.
Small Employers
Vet a remote hire without enterprise tooling
Staffing Firms
Confirm a placement is who they claim
Startups
Hire distributed contractors with confidence
HR Teams
Add a person-verification layer to onboarding
Agencies
Confirm freelancers before granting access
IT & Security
Close the people gap a tool cannot
If part of your concern is what a candidate might be hiding rather than only whether they are real, a regulated criminal background check through a compliant provider covers that ground, while our lawful skip tracing and public-records research confirms the identity and footprint underneath a hire you will never meet. Send us the name, the claimed address, and the work history exactly as the applicant gave them, and we will research whether the public record supports the story, including whether a “local” worker’s footprint actually sits where they say. We work strictly for lawful, permissible purposes, we tell you plainly what the records can and cannot show, and on a typical identity-confirmation request we return an initial read within 24 hours.
Our Commitment
We do not sell guarantees or pretend a clean video call settles it when you will never meet the hire. We do the lawful research that survives a deepfake, a masked IP, and a relayed laptop: confirming the real person behind a remote applicant exists, matches their claimed history and location, and is who they say. Honest, permissible-purpose public-records research and skip tracing since 2004.
Frequently Asked Questions
How do I tell if a video interview is a deepfake or a proxy?
Force liveness the software cannot fake. Without warning, ask the candidate to turn their head fully into profile, slowly pass a hand across their face, hold their ID up beside their face, and change the room lighting. Real-time face-swap and avatar tools smear at sharp profiles, glitch around a passing hand, and fail to relight convincingly. A genuine applicant does all of it instantly; an impostor stalls, kills the camera, or shows a face that lags the voice.
What is a laptop farm and why is the shipping address a red flag?
In remote IT-worker fraud, a worker abroad is hired under a stolen U.S. identity but cannot receive the company laptop overseas, so a domestic accomplice takes delivery and runs or relays the machine so the traffic looks domestic. That is why a request to ship equipment to an address that is not the worker’s own is a signature tell. Ship only to an address verified as theirs, and treat any redirect as a reason to dig before access is granted.
What can public-records research actually confirm about an applicant?
It can confirm whether the named person exists with an address and residence history matching their claim, whether the employer they name lines up with where records place them, and whether a contractor’s stated business is genuinely registered to them. It also surfaces telling absences, the missing footprint that a real adult life leaves but a borrowed or relayed remote identity does not.
How do IP, VPN, and time-zone signals expose a remote worker?
A worker pretending to be local has to mask where they really sit, usually with a VPN or residential relay, but the cracks show: a login IP that never matches the claimed city, working hours that fit a different time zone, daylight in the camera that contradicts the local clock, and an insistence on remote-desktop tools. None is conclusive alone, but together they suggest someone is not where, and possibly not who, they claim.
Is this the same as running a background check?
No. This is general public-records research to confirm a person exists and matches their story; it is not a consumer report, and we are not a consumer reporting agency. A formal background check used to make a hiring decision is governed by the Fair Credit Reporting Act and must run through a compliant, FCRA-regulated provider with consent and adverse-action steps. The two are complementary, not interchangeable.
What are the biggest red flags in a worker I will never meet?
The camera failing exactly when you ask for a liveness move, a request to ship the laptop somewhere other than the worker’s address, working hours and accent that fit a different time zone, logins masked behind a VPN or relay, a face that lags the voice, and an interviewee who does not match the person who later joins onboarding. Any one can be innocent; several together warrant breaking off and verifying the person behind the screen.
What information do you need to verify a remote worker?
Send the applicant’s full legal name, the address and prior addresses they claim, the employers and dates on their resume, and any business name a contractor says they operate under, exactly as they provided them. We research whether the public record supports that story and flag any mismatch, so you can resolve it before granting access or completing the hire.
Can you guarantee a hire is completely safe?
No honest research can guarantee that. What lawful public-records research does is sharply raise your confidence that the person is real and consistent with their claims, and it catches the patterns that document tools miss. We tell you plainly what the records can and cannot show, and we never overstate a result. The final decision, and any regulated screening behind it, stays with you.
Related Guides
More ways our investigation team can help.
Hiring Remote? Confirm the Person.
We do the lawful public-records research a video call and a shipping label can’t, confirming the human behind a remote applicant is real, is where they claim, and matches their story, typically with an initial read within 24 hours. Contact us to get started.
Start Your Request →