Five Eyes — the intelligence-sharing alliance uniting the United States, Australia, Canada, New Zealand and the United Kingdom — warns that China is targeting individuals associated with the alliance in order to access sensitive or classified information. According to the warning, Chinese actors are leveraging LinkedIn, Indeed and Upwork to posing as human resources consultants, post illegitimate jobs, and pressure candidates to provide sensitive information.

Potential targets of this behavior include: 

• Security clearance holders
• Military personnel
• Individuals indirectly connected to government information (such as journalists or think tank workers)

The Chinese Embassy in London has condemned this alert as false. 

Security Leaders Weigh In

Mika Aalto, Co-Founder and CEO at Hoxhunt:

The best social engineering attacks don’t ask victims to believe something impossible. They ask them to believe something they already want to be true. Recruitment scams are particularly effective because they package espionage, fraud, and credential theft as career opportunities that a professional has been considering already.

We've seen some of these campaigns stretch across multiple touchpoints, including multiple rounds of interviews with bad actors who employ deepfake technology to look and sound like legitimate recruiters and hiring managers. By the time a victim is asked to share sensitive information, complete a research assignment, or move the conversation to another platform, they’ve often invested significant time and trust into the process.

In many ways, these attacks resemble classic confidence scams. The attacker isn’t creating trust in a single interaction. They’re building a relationship over time and exploiting a person’s ambitions, expertise, and professional aspirations. When an opportunity feels like a natural next step in your career, it’s much easier to overlook the small red flags that might otherwise raise suspicion.

Today, people should approach unsolicited recruitment opportunities with the same caution they apply to suspicious emails. If a role seems unusually attractive or involves requests for sensitive information, verify the opportunity through official company channels. Contact the organization directly, confirm the recruiter is real, and independently validate who you’re speaking with. In an era of AI-generated content, deepfakes, and professional impersonation, we can no longer afford to take identity at face value.

Matthew Hartman, Chief Strategy Officer at Merlin Group:

These warnings underscore a tactic we’ve seen repeatedly from nation-state actors: using trusted professional platforms to identify and cultivate targets with access to valuable information. Whether you’re in government, academia, or the private sector, unsolicited recruiting outreach should be approached with healthy skepticism. Organizations should ensure employees understand how social engineering campaigns evolve from seemingly benign conversations into intelligence collection efforts.

Maxime Cartier, Vice President of Human Risk at Hoxhunt:

Highly-targeted recruitment scams like these are becoming easier to execute and harder to detect. Easily-available AI tools help attackers research targets, personalize communications, and convincingly impersonate legitimate organizations at scale. The more sophisticated attacks contain highly believable deepfake voice and video conferencing calls, which can really lower your defenses. Globally, we are seeing a surge in personalized recruitment scams hitting employees via LinkedIn and corporate email. It’s worth noting that they can be effective at bypassing spam filters because the initial email’s link might not be malicious.

What makes recruitment scams particularly effective is that they tap into positive emotions rather than fear, and latch onto a real career-advancement scenario. For instance, many public sector analysts and military personnel might indeed plan to apply for a higher-paying private sector job. Whereas traditional phishing attacks create urgency or anxiety, recruitment scams offer opportunity, prestige, career advancement, and financial reward. When someone is approached about a consulting opportunity, a research project, or a senior role that aligns with their expertise, their natural reaction is to engage, not to become suspicious.

We've seen increasingly sophisticated campaigns where attackers spend weeks or even months building credibility. In some cases, victims have gone through multiple rounds of interviews, interacted with convincing company websites, and spoken to individuals using deepfake technology to impersonate real employees. By the time sensitive information is requested, the victim often feels they have already established a legitimate professional relationship.