Let’s have a look at this concrete case. The scammer contacted a freelancer over Upwork, maintained communication over the service and then asked for an interview over Skype. Nothing suspicious yet, save for the fact that SatoshiLabs does not use Upwork, and there is no Eddie Nelson in our team.

Pay close attention to that email domain. Not ours!

The Skype interview was also not a standard one. When applying for a job, you would expect to have a video, or at least voice interview, and not just plain chat interview. Having no possibility of visual or audio contact is a strong indicator of a scam. Subsequently, Eddie sends a link to the company’s website, which is obviously incorrect.

After our domain consolidation, SatoshiLabs and TREZOR only use two domains: satoshilabs.com and trezor.io . Also, why would a company based in the Czech Republic register a Ukrainian domain and use it for official communication?

While we did invent the first Bitcoin hardware wallet, we definitely did not do that back in 1907.

Nonetheless, Eddie’s requests is so far harmless. No private information has been shared; he only wastes the applicant’s time. At the end of the interview, however, he asks for a “direct deposit form”, with bank account information. This could potentially be considered as private information, especially in conjunction with other sensitive data.

That’s it for the chat details, let’s have a look at the domain now.