The Five Eyes intelligence alliance has warned of a Chinese espionage campaign leveraging LinkedIn recruitment to target individuals with access to classified information.
The campaign involves fake recruitment profiles and job offers for foreign policy and defense analyst positions targeting government and military officers from Five Eyes alliance member countries: the United States, the United Kingdom, Canada, Australia, and New Zealand.
LinkedIn recruitment linked to a Chinese espionage campaign
According to the joint alert, Chinese operatives pose as employees of private consultancies, think tanks, or human resources firms and place fake LinkedIn recruitment advertisements to lure individuals with access to classified information.
The Chinese operatives sift through the applicants’ resumes to identify the most worthy candidates. However, they also target individuals with indirect access to classified information, such as journalists, think tank employees, academics, and freelance writers.
They subsequently conduct virtual interviews to determine if the candidate has access to classified information in specific areas of interest, such as defense or international affairs. Ironically, the fake LinkedIn recruitment messages were crafted in poor English, which would likely raise suspicions among experienced intelligence officials.
During the recruitment process, candidates receive financial incentives and are compelled to provide non-public information for unspecified clients. The selected applicants were required to write reports on sensitive topics and received up to $1,000 per report via various payment platforms, including PayPal, Western Union, and cryptocurrency transfers. Many security and intelligence professionals have unknowingly accepted payments and produced reports, unaware that they were participating in a Chinese espionage campaign.
The conversations later moved to encrypted messaging platforms to ensure a high degree of anonymity. Numerous fake LinkedIn recruitment profiles have been traced to suspected operatives linked to the Chinese Ministry of State Security (MSS), such as Amanda Qiu and Shirly Shen.
“We’ve seen some of these campaigns stretch across multiple touchpoints, including multiple rounds of interviews with bad actors who employ deepfake technology to look and sound like legitimate recruiters and hiring managers,” said Mika Aalto, Co-Founder and CEO at Hoxhunt. “By the time a victim is asked to share sensitive information, complete a research assignment, or move the conversation to another platform, they’ve often invested significant time and trust into the process.”
Five Eyes intelligence chiefs say the Chinese espionage campaign aims to reveal privileged military, political, and economic intelligence information to give Beijing a strategic and tactical advantage over the Five Eyes.
“These warnings underscore a tactic we’ve seen repeatedly from nation-state actors: using trusted professional platforms to identify and cultivate targets with access to valuable information,” said Matthew Hartman, Chief Strategy Officer at Merlin Group. “Whether you’re in government, academia, or the private sector, unsolicited recruiting outreach should be approached with healthy skepticism. Organizations should ensure employees understand how social engineering campaigns evolve from seemingly benign conversations into intelligence collection efforts.”
Meanwhile, the Chinese Embassy in London has denied the allegations and accused the Five Eyes alliance of involvement in global espionage activities.
While LinkedIn recruitment remains the primary tactic, Chinese operatives have also leveraged other employment platforms, including Upwork and Indeed, to target individuals with access to sensitive or classified information.
“China’s military intelligence services are using an increasingly wide array of professional networking sites and online job platforms to target Five Eyes government and military personnel and anyone with access to classified or privileged information,” the alliance stated.
Chinese espionage is a persistent problem
The United States has designated China as the country’s greatest national security threat, according to former FBI Director Christopher Wray. By 2022, the FBI had opened over 2,000 Chinese espionage cases. Since October 2025, a Chinese espionage campaign has also targeted members of the U.K. parliament via social media and email phishing.
Similarly, Chinese espionage via fake LinkedIn recruitment has targeted the British security establishment since 2021, resulting in numerous criminal prosecutions, job losses, and clearance revocations. The U.K. has also consistently accused “civilian recruitment headhunters” of targeting British security and intelligence officials.
According to the U.K.’s Security Minister, Dan Jarvis, the country will not tolerate Chinese espionage or attempts to interfere in the country’s internal affairs.
