(Photo Illustration by Pavlo Gonchar/SOPA Images/LightRocket via Getty Images)
The FBI is warning that China has been using job and networking sites, including LinkedIn, Indeed, and Upwork, to dupe Western government and military officials into giving up confidential information.
Chinese intelligence officials have allegedly been pulling off the espionage by posing as “online HR recruiters or consultants who represent fake, but often legitimate-looking, 'cover companies' and claim to be located in countries other than China,” the alert warns.
The advisory is titled “Safeguarding our secrets,” and comes from the “Five Eyes” alliance between intelligence agencies in the US, UK, Australia, Canada, and New Zealand. It warns that Chinese agents have been using “an aggressive online recruitment strategy” that involves placing job ads for foreign policy and defense analysts, and other related fields.
China has been targeting Western officials with security clearances, along with military personnel and even “academics, journalists, freelance writers, think tank employees, or anyone with links to defense, security, policy, and economic sectors,” the agencies say.
Through these cover companies, the Chinese operation will conduct virtual interviews with the job candidate and ask about access to government contacts or the candidate's role at a military base. The cover companies will then ask the candidate to write an initial report about Chinese foreign relations, a defense issue, or international trade.
“Recruits are informed that for additional reports, the client requires more privileged information,” the advisory adds. “At some point in the recruitment process, intelligence officers typically move the conversation to a more 'secure' platform, such as encrypted messaging applications.”
(Credit: FBI)In return, the job candidates can receive “anywhere from a few hundred to several thousand dollars per report, and may be offered more money in return for increasingly sensitive information.” The goal is to "acquire privileged military, political and economic intelligence that can provide China with a strategic and tactical advantage over the Five Eyes," the alert adds.
It’s not the first time the US has warned about the threat. In 2018, a US counterintelligence director also alleged that China had been contacting “thousands" of LinkedIn members to try to uncover US government and commercial secrets. This came after a former CIA officer was convicted of spying for China after he was initially recruited through a message on LinkedIn. He was later sentenced to 20 years in prison for espionage.
The newest advisory further warns: “Five Eyes agencies have identified individuals who have undertaken these activities, leading to criminal prosecutions, job losses, and security-clearance revocation.” It also points out that simply submitting a resume is risky, since it can expose the user’s personal information to Chinese intelligence.
“While applicants often have no direct access to classified information, even unclassified information on government policy, or on military strategy, capabilities and installations, can be collected and combined with more sensitive reporting to form a comprehensive operational picture,” the agencies add.
Although the FBI’s advisory mainly concerns US government officials, military personnel, and contractors falling for the recruitment scheme, all kinds of malicious actors, including Iranian state-sponsored hackers and scammers, have used job sites to target unsuspecting internet users. This can include tricking prospective targets into installing malware.
In response to the advisory, LinkedIn told PCMag: “Creating a fake account or misrepresenting your identity is a clear violation of our terms of service. We remain focused on detecting state-sponsored abuse, and will continue to enforce our policies against fake accounts.”