In a rare coordinated public alert, the FBI, Britain’s MI5, and their counterparts from Australia, New Zealand, and Canada have warned that Chinese military intelligence services are aggressively using Western professional networking and job sites to recruit insiders and steal sensitive defense, foreign policy, and economic information.
The joint notice, released on Wednesday, highlights tactics employed by elements of the People’s Liberation Army (PLA) to target personnel across the Five Eyes intelligence alliance. According to the agencies, PLA-linked actors create fake profiles posing as recruiters for private consultancies, think tanks, or human resources firms. They post job advertisements seeking foreign policy and defense analysts, then approach individuals who appear to have access to protected information.
Recruitment Playbook
The process typically begins on widely used platforms such as LinkedIn, Indeed, and Upwork. Initial contacts often involve requests for unclassified “trial reports” on topics like China’s bilateral relations, Indo-Pacific security, or international trade. These low-level asks serve as both a vetting mechanism and a way to build rapport. Once trust is established, requests escalate toward more sensitive material.
Recruiters eventually shift conversations to encrypted messaging applications for security. Compensation for initial reports ranges from a few hundred to several thousand dollars, with higher payments possible for more valuable intelligence. Funds are transferred through common services including PayPal, Payoneer, Zelle, Skrill, Wise, and Western Union.
The notice emphasizes that targets include:
- Current and former government and military personnel
- Academics, journalists, think tank researchers, and freelancers
- Individuals with knowledge of Indo-Pacific military capabilities and activities
- Those working in defense, security, policy, and economic sectors
Even seemingly innocuous unclassified information-when aggregated-can help the PLA build a detailed picture of allied military posture, capabilities, and intentions, potentially endangering personnel and undermining strategic advantages.
Broader Context and Recent Cases
The warning arrives amid heightened U.S. concerns over Chinese espionage. American authorities have pursued multiple prosecutions in recent months involving alleged Chinese efforts to acquire advanced microchips, penetrate critical infrastructure, and conduct influence operations.
A notable historical example cited in related reporting is the case of Su Bin, a Chinese national who orchestrated a PLA-linked hacking campaign against Boeing between 2009 and 2014. The breach netted roughly 630,000 files on the C-17 transport aircraft and the advanced F-22 and F-35 stealth fighters. Su pleaded guilty in 2016.The PLA’s intelligence apparatus itself has undergone significant reorganization in recent years.
The former General Staff Department’s 2PLA functions have been absorbed into a new Intelligence Bureau under the Central Military Commission, alongside the creation of specialized aerospace, cyberspace, and information support forces. These changes reflect Beijing’s push for more integrated, intelligence-enabled military operations.
Chinese Response
China’s Foreign Ministry rejected the Five Eyes warning. Spokeswoman Mao Ning described the alliance as itself engaged in global espionage and called the accusations ironic.
However, former U.S. National Security Agency counterintelligence officer John Schindler noted that LinkedIn has long been a known vector for Chinese intelligence operations. Multiple cases within the Five Eyes community reportedly originated on the platform, with activity appearing to have intensified.
Implications
The joint notice serves both as a defensive alert to potential targets and a public acknowledgment of the scale of the threat. Five Eyes agencies report that individuals identified in such activities have faced criminal prosecution, loss of employment, and revocation of security clearances.
Security experts advise professionals-particularly those with government or defense ties-to exercise caution when engaging with unsolicited recruitment offers, to verify the legitimacy of companies and recruiters, and to report suspicious contacts to appropriate authorities.
As geopolitical competition intensifies, particularly in the Indo-Pacific, the battle for information advantage is increasingly playing out in digital spaces where professional networking meets espionage tradecraft. The latest warning underscores that seemingly routine online job interactions may carry hidden national security risks.
