Chinese spies are using LinkedIn to lure Westerners into sharing sensitive information
Source: TechCrunch
Spies working for Chinese intelligence are using job‑search and recruitment websites, including LinkedIn, to lure Western workers into sharing sensitive information, according to a joint advisory by the FBI, the U.K.’s security service MI5, and the governments of Australia, Canada, and New Zealand.
The advisory says Chinese spies pose as online recruiters and human‑resources firms that represent fake companies purportedly located outside of China. They target people with the aim of obtaining non‑public information that might benefit Beijing.
While Chinese spies often rely on hacking to steal information — see TechCrunch article on Chinese hackers probing critical networks and another on China‑backed hackers targeting phone companies — the advisory underscores how spies also attempt to cultivate sources through public websites and communities.
China’s military intelligence services “ultimately seek to acquire privileged military, political and economic intelligence that can provide China with a strategic and tactical advantage over the Five Eyes,” the advisory reads, referring to the decades‑old intelligence‑collection alliance formed by the five countries behind the joint statement.
Target Profiles
- Security‑clearance holders and military personnel, particularly in the Indo‑Pacific region.
- Journalists, academics, and think‑tank employees with knowledge of unclassified information.
Targets are selected partly based on their resumes and the likelihood that they might possess potentially sensitive or non‑public information. Even unclassified data can be useful to the spies, especially when combined with other, more sensitive information that can inform Beijing’s policy decisions.
LinkedIn’s Response
When reached by TechCrunch for comment, a spokesperson for LinkedIn said:
“Creating a fake account or misrepresenting your identity is a clear violation of our terms of service. We remain focused on detecting state‑sponsored abuse, and will continue to enforce our policies against fake accounts.”