Australia’s intelligence agency joined counterparts in Canada, New Zealand, the UK and the US in a rare joint bulletin outlining the cyber espionage tactics. The advisory says Chinese intelligence-linked actors create fake profiles as staff of consultancies, think tanks or human resources firms, then advertise roles for foreign policy or defence analysts.
Targets include serving and former military personnel, defence contractors, foreign affairs specialists and anyone with privileged access, such as academics, journalists and employees of policy institutes. People who only handle peripheral or contextual information around government decisions are still considered valuable.
The bulletin describes a structured recruitment pipeline, starting with friendly networking messages that quickly shift into private channels and off-platform communications. Once a target engages, they are steered towards apparently legitimate paid “research” or “analysis” tasks for undisclosed clients.
Over time, those clients are revealed to be linked to the Chinese state, according to the agencies, and payment is used to normalise the exchange of increasingly sensitive, non-public material. The approach blurs the line between legitimate consulting work and clandestine intelligence collection, making it harder for individuals to recognise when they have crossed a legal or ethical boundary.
Security agencies across the Five Eyes network describe this as part of a broader trend where professional and social platforms double as covert collection tools. LinkedIn and similar networks give foreign intelligence services a low-cost way to map professional communities, identify people with access and approach them without the visual red flags of traditional espionage.
The warning aims to push that behaviour into the open, nudging governments, companies and individuals to treat unsolicited overseas “opportunities” with far more suspicion.
