top of page

LinkedIn impersonation tactics used by Chinese spies to gather sensitive information

  • 4 hours ago
  • 2 min read

A joint advisory recently issued by Western security agencies highlights how popular professional networking platforms are being leveraged as tools for illicit outreach and intelligence harvesting by espionage groups.

Sophisticated outreach tactics via professional profiles

Intelligence agencies from the United States (FBI) and the United Kingdom (MI5), alongside the governments of Australia, Canada, and New Zealand, have jointly issued a warning regarding this operational method. Rather than relying solely on conventional cyberattacks to steal data, espionage actors working for Chinese intelligence are pivoting toward building long-term relationships with sources via public platforms, most notably LinkedIn.

The LinkedIn platform is being exploited by malicious actors to target users
The LinkedIn platform is being exploited by malicious actors to target users

A typical scenario involves these threat actors creating fraudulent accounts, masquerading as HR professionals or representatives of headhunting firms. These companies are falsely presented as being based outside of China to establish trust, allowing the actors to approach professionals in Western countries and attempt to harvest unreleased internal information to benefit Beijing.

Targets placed in the crosshairs

The report indicates that China's military intelligence agencies ultimately aim to acquire economic, political, and military secrets. This is designed to secure tactical and strategic advantages over the Five Eyes - the decades-old intelligence-sharing alliance between the five nations that issued the warning. Notably, this advisory comes even as the US and the UK are making diplomatic efforts to improve relations with Beijing.

Utilizing publicly posted professional profiles, threat actors screen and select potential candidates who are likely to have access to non-public information. The targeted groups include:

  • Military personnel and individuals holding a security clearance, particularly within the Indo-Pacific region.

  • Journalists, academic researchers, and staff members at think-tanks who possess insights into unclassified information.

According to the advisory, although the information held by these individuals might not be classified, when aggregated and combined with other sensitive data sources, it serves as a critical foundation for shaping Beijing's policy decisions.

Response from the online platform

In response to these developments, a spokesperson for LinkedIn issued an official statement when contacted. The platform affirmed that creating fake profiles or providing fraudulent identity information constitutes a severe violation of their terms of service.

LinkedIn also emphasized that they are heavily focused on reviewing and detecting state-sponsored abuse, and will continue to enforce strict measures against fraudulent accounts.

This campaign demonstrates that public groups and websites are being fully exploited for espionage purposes. Heightened vigilance against ambiguous recruitment offers on social media is absolutely essential for professionals, especially those holding sensitive positions or handling confidential information.

Reference: TechCrunch

40051abd5a76713af8f015988fc6780e-blue-phone-icon-with-a-wave-on-it.webp
whatsapp-mobile-software-icon-png-image_6315991.png
pngtree-minimal-calendar-icon-vector-png-image_21233134.png
Logo-Zalo-Arc.webp
IPSIP logo transparent.png

IPSIP VIETNAM ONE MEMBER LIMITED LIABILITY COMPANY (IPSIP VIETNAM OMLLC)

Tax code: 0313859600

🏢 SH05.01, B4 Street, Saritown Area, An Khanh Ward, Ho Chi Minh City, Vietnam

​☎  +84 918 397 489

  • Linkedin
  • Facebook
  • TikTok
  • Email liên hệ

Our Services

Solutions for SMEs

SOC 24/7

NOC 24/7

IT Support

Cloud Security

Sign up to receive in-depth cybersecurity documents and news from IPSIP Vietnam.

bottom of page