DOJ, FBI Seize 13 Domains in Chinese Recruitment Op
Data Breach TodayArchived Jun 12, 2026✓ Full text saved
Fake Recruiting Sites Used for Info Gathering The Department of Justice and FBI seized 13 websites tied to an alleged Chinese intelligence gathering operation, using fake recruiting firms and deceptive job offers to target current and former U.S. government employees and security clearance holders.
Full text archived locally
✦ AI Summary· Claude Sonnet
Fraud Management & Cybercrime , Social Engineering
DOJ, FBI Seize 13 Domains in Chinese Recruitment Op
Fake Recruiting Sites Used for Info Gathering
Greg Sirico • June 11, 2026
Credit Eligible
Get Permission
Image: Shutterstock
The U.S. Department of Justice and FBI seized 13 domains linked to an alleged Chinese intelligence operation targeting current and former U.S. government employees and security clearance holders.
See Also: How Organizations Are Strengthening Defenses Against Scattered Spider
Authorities said Wednesday the disrupted online network, which first surfaced in November 2023, supported an array of fraudulent consulting firms used to identify, recruit and exploit U.S. government workers for their access to federal systems or sensitive information. According to prosecutors, the domains - disguised as legitimate consulting or recruiting firms - tailored employment advertising to current and former government employees and service members.
Investigators believe the domains are just one part of a much broader intelligence-gathering operation focused on nonpublic information, sourced from U.S. personnel.
Assistant Director of the FBI’s Counterintelligence and Espionage Division Roman Rozhavsky said the agency's seizure of domains illustrates "the lengths the Chinese government’s intelligence services will go" to coerce clearance holders into divulging or selling sensitive information.
"The FBI and our partners have observed China’s intelligence services resort to using artificial intelligence, professional networking sites and online payment platforms to target Americans," said Rozhavsky.
The websites featured generic job listings and included messaging that indicated an effort to recruit "current or former U.S. government and U.S. military employees to provide expertise to unspecified clients." The alleged threat actors behind the campaign recruited through social media or on platforms such as Upwork, Expertia AI, Hubstaff Talent, Wellfound and Post Job Free.
Conspirators behind the campaign offered applicants and potential recruits money in exchange for information, used cryptocurrency to mask real identities online and registered for payment accounts with fake names.
Earlier this month, the Five Eyes intelligence alliance - comprised of the United States, United Kingdom, Canada, Australia and New Zealand - warned that Chinese intelligence operations are utilizing deceptive tactics and recruitment as a means to gain classified or sensitive information, posing as company representatives, recruiters and other professionals.
The FBI said the seizure was successful largely due to individuals who reported suspicious job listings or were individually contacted by campaign operators. The bureau directed current or former government employees and security clearance holders to "remain vigilant, recognize the warning signs and report suspicious activity" to the agency.