📣 coderc

The "Japanese Developer" Scam

I've been the target of a new scam, (or a new twist on an old one) that I haven't seen anywhere else. It seems to be targeted at web developer freelancers. I'd like to tell you about it and see if you've experienced this as well.
The scam is as follows:
1. A person who claims to be a developer from Japan contacts you after finding your details on a site (in my case, Braintrust). They claim to be working with a team of web developers, and they even have a porfolio of sites they've worked on in the past.
2. Because they are from Japan, they can't easily get US contracts and US dollars.
3. So they want to use your freelancing profiles (Upwork, fiverr, etc) your IP address (Using TeamViewer), and your US bank accounts to secure those contracts. They'll split the profits with you 50/50. All you have to do is let them apply to jobs using your account, show up for the online interviews and pretend that you're the one doing the work.
The first time I was contacted, I spoke with the person over Google Meet and Discord. He seemed sincere, and I entertained the thought because I had worked for companies that employed overseas contractors previously. I knew it was legal and possible on some level, though I refused to let the person use my freelance accounts or access my computer, and I refused to break the ToS of any freelancing site.
He still agreed to my conditions and claimed to be willing to work on any gigs that I could get. We chatted for several hours, but after I slept on it, I blocked the person from all communication.
After that, I was contacted two other times, from two different email addresses, with similar introductions that I suspect lead to the same scam.
This is very high-effort on the part of the "scammer", involving video calls and long chats lasting hours, which makes me question if the person isn't sincere, but just ignorant about the legal issues at play here.
Has anyone else encountered anything like this?
Besides breaking the ToS of freelancing sites, what would be the legal ramifications of agreeing to such an arrangement?

👤 exhaze Accepted Answer ✓

If a Japanese person who says they live in Japan contacts you and speaks English that isn't super broken, you can safely assume it's a scam. Roughly 2% of Japanese nationals living in Japan can speak English at this level.

👤 whatamidoingyo

I got the same emails and even messages on LinkedIn for years. They usually start with a sincere message, and then ask "do you know upwork?"
Last week was my first encounter with a Japanese developer.
I've been curious about the scam as well. My guess is that they're setting up accounts to pay you with stolen credit cards, and then you're going to wire that stolen money back to them (as it's clean now?)
But who knows. We need a Krebs on Security article.

👤 baobun

So what's the scam? I've been getting similar outreach and my imagination fails to come up with any bad scenario, apart from maybe getting a residential IP, if you let them use yours.
It might be a circumvention of ToS, but not everything you find morally dubious is scam.
(I'm still very curious though. Feels like there's somethingore to it but my imagination fails me. Unless you're specifically targeted as a person-of-interest aka spearphishing)

👤 csomar

I don't think it's exactly a scam at this point (unless if you mean scamming Upwork or the clients). My guess is that these individuals are located in less favorable countries (ie: Russia) and need a proxy to export their tech skills. Japan sounds less scary than Russia.
> but just ignorant about the legal issues at play here.
The persons have no legal issues. They'll probably ask for their share to be paid in crypto. You have the legal issues but then you will also be getting 50% for doing nothing.

👤 smartician

There's an interesting podcast about this: https://www.youtube.com/watch?v=XpkNGMSWbYk

👤 brtkdotse

> So they want to use your freelancing profiles (Upwork, fiverr, etc) your IP address (Using TeamViewer), and your US bank accounts to secure those contracts. They'll split the profits with you 50/50. All you have to do is let them apply to jobs using your account, show up for the online interviews and pretend that you're the one doing the work.
This is Nigerian Prince level of obvious red flags.

👤 _xivi

> they can't easily get US contracts and US dollars.
> they want to use your US bank accounts to secure those contracts
> I refused to let the person use my accounts
> He still agreed to my conditions and claimed to be willing to work on any gigs
So how you gonna get the money to them? Isn't that the whole reason they claim they can't deal with clients directly?

👤 jrflowers

I like this post because it starts with a description of what it’s like to be a potential victim and ends with
> Besides breaking the ToS of freelancing sites, what would be the legal ramifications of agreeing to such an arrangement?
A question that would be useful for a potential attacker to help assuage the fears of future potential victims

👤 orionblastar

This is the 419 Nigerian Prince scam, they say they will share millions with you but need your SSN, bank account number, etc to establish a transfer. It is an old scam. https://en.wikipedia.org/wiki/Advance-fee_scam in this case they are Japanese web developers. The old saying goes, "If it sounds too good to be true, it most likely is."

Web Analytics Made Easy - Statcounter