Fake LinkedIn Recruiters Are Targeting Government Workers and Veterans

What's Happening

Five Eyes intelligence agencies have confirmed that Chinese intelligence officers are creating fake LinkedIn profiles to pose as corporate recruiters. Their targets: government employees, military personnel, veterans, and defense contractors with security clearances. This isn't a new tactic, but the scale and sophistication have reached alarming levels.

The Details

Here's how these scams work. A fake recruiter contacts you on LinkedIn with an attractive job offer, often at a prestigious company with better pay than your current role. The profile looks legitimate with a professional photo, company logo, and connection network. They ask you to fill out detailed application forms that request information about your work history, security clearance level, and current projects.

Sometimes they'll invite you to click links to download job descriptions or application documents. These files can contain malware that gives attackers access to your computer and network. In other cases, they build a relationship over weeks or months, eventually asking you to share sensitive information or connect them with colleagues.

The end goal isn't always immediate. Foreign intelligence services play the long game. They collect information, build profiles, and look for people they can exploit or recruit. Even seemingly harmless details about your workplace, schedule, or projects can be valuable pieces of a larger intelligence puzzle.

Who Is Affected

If you or someone in your family works for a government agency, serves in the military, or works for a defense contractor, pay close attention. Veterans with past security clearances are also targets because they often maintain industry connections and institutional knowledge.

But this threat extends beyond clearance holders. Spouses, adult children, and friends of targeted individuals can become secondary targets. Attackers may approach family members to gather information or gain access to their primary target. If your LinkedIn profile mentions a family member who works in a sensitive role, you could receive contact.

What You Should Do Right Now

1. Review your LinkedIn privacy settings today. Go to Settings & Privacy, then Visibility. Limit who can see your connections, email address, and profile details to "Connections only."

The Bigger Picture

Social engineering attacks are becoming more sophisticated because they work. Attackers know that people trust professional platforms like LinkedIn and want to believe good opportunities are real. The human element remains the weakest link in cybersecurity, which is why staying informed and skeptical protects not just you, but everyone in your network and workplace.

How GetCyberRight Can Help

Our GCR Scam Guard tool can help you verify suspicious recruiter websites before you click any links or share information. It analyzes URLs and websites in real time to detect phishing attempts and fraudulent pages disguised as legitimate job application portals. If a recruiter sends you a link, run it through Scam Guard first. It takes five seconds and could save your career and security clearance.