A clandestine meeting, a briefcase full of documents, a direct cyber intrusion. This is what one typically thinks of when one hears the word "spy" or "espionage". But in reality, many intelligence operations are extremely mundane. They begin with an ordinary message on a professional platform: an attractive job offer, a proposal for paid consultancy, or an approach from a company that appears entirely legitimate. But behind that seemingly routine communication, however, an intelligence service may be searching for a path to obtain sensitive information.
A recent bulletin issued in early June by the Five Eyes—an Anglosphere intelligence-sharing alliance between the US, the UK, Canada, Australia, and New Zealand—said that Chinese intelligence services are using platforms such as LinkedIn, Indeed, Upwork, and others to target military and government officials, researchers, journalists, and holders of security clearances. The target, in other words, is no longer only the person carrying a classified document. It may be anyone who possesses knowledge, expertise, or relationships that bring them into close contact with sensitive files.
The targeting process often begins in a manner that appears entirely ordinary. An account on a professional platform or recruitment site presents itself as belonging to a consulting firm or a legitimate hiring agency, then sends the target a message offering a job opportunity or paid consultancy assignment. In many cases, these offers revolve around foreign policy, defence, technology, or international affairs.
As the exchange develops, virtual interviews may follow, or the target may be asked to prepare memoranda and short reports that, at first, seem general and give little cause for suspicion. These requests may include political analyses, assessments of particular trends, or research papers on international issues, before gradually shifting toward more sensitive and specialised information.
On 10 June, the US Federal Bureau of Investigation (FBI) disclosed that it had seized more than 12 internet domains allegedly used by Chinese intelligence services, through fictitious consulting companies, to lure military personnel, security clearance holders, and government employees into false job offers and bogus consultancy assignments designed to collect sensitive information. Roman Rozhavsky, assistant director of the FBI’s Counterintelligence Division, said these networks have increasingly relied on artificial intelligence, professional networking platforms, and electronic payment services for recruitment, deception, and intelligence targeting.
All this demonstrates how information-gathering tools are rapidly evolving. The information sought may include an unpublished assessment, knowledge of what is taking place inside an institution, the names of influential figures, or a political appraisal. Such information may appear insignificant at first, but it can be dangerous when used to put together a broader picture. Once the target's trust is secured, requests may shift from general, publicly available subjects to more specialised and sensitive questions.

Widening net
In 2023, MI5 Director General Ken McCallum said that around 20,000 people in the UK had been approached by Chinese-linked actors through LinkedIn and other professional platforms. The figure was striking because it revealed that the targeting was not limited to senior officials or former officers but encompassed a broad range of individuals whose expertise, relationships, or knowledge could be useful to a foreign intelligence service. Beijing was quick to deny the accusations, with its Chinese embassy in London describing them as "pure fabrication and malicious slander" and warning the UK against further undermining bilateral relations.
In the US, the case of Kevin Mallory stands out. The former Central Intelligence Agency officer was facing financial difficulties when, in 2017, he received a message through LinkedIn from a representative of a Chinese research institution—or so he thought. The relationship later developed into meetings and secret communications, before a US court convicted him of transmitting classified defence information to China. In 2019, he was sentenced to 20 years in prison, in a case that has been used to illustrate the dangers of such seemingly mundane approaches.
