How Chinese Agents Identify Their Targets
Professional platforms like LinkedIn and Indeed are a dream come true for intelligence agencies: millions of people voluntarily post detailed information about their career histories, skills, current and past employers, and sometimes even their future career plans. For an intelligence agency seeking individuals with access to sensitive information in specific sectors, these platforms are vast recruitment databases that don’t even need to be hacked—the targets profile themselves.
The Chinese agents documented in the court cases cited by ASIO used fictitious profiles posing as students, researchers, or consultants seeking experts for paid assignments. The initial approach is made under the guise of a legitimate professional interest—a conference, a consulting report, or expertise on a specific topic. A relationship is established, trust is built, and the request for sensitive information comes only once the target has been sufficiently engaged.
The Profile of Preferred Targets
The Five Eyes warning specifies the categories of preferred targets: government officials with security clearances in the departments of defense, foreign affairs, and finance; applied science researchers working on dual-use technologies; private contractors in the defense industry; and public policy experts likely to be aware of non-public government positions on sensitive issues.
Among the most targeted sectors are cybersecurity, military artificial intelligence, advanced weapons systems, government communications networks, and sensitive economic policies such as sanctions and export controls. This mapping of targets reflects the technological and strategic priorities documented by the People’s Republic of China in its five-year plans and published military directives.
There is something deeply unsettling about the realization that your LinkedIn profile could make you a target for a foreign state’s intelligence services. This is not paranoia—it is a reality documented by actual court convictions. The question for every professional in sensitive sectors is: Am I publicly sharing more information about my work than I should?
Ambassador Xiao Qian vs. ASIO: A Revealing Confrontation
Beijing’s Diplomatic Response
The reaction of the Chinese ambassador to Australia, Xiao Qian, to the Five Eyes warning was immediate and aggressive. On July 1, 2026, he publicly attacked ASIO and the entire alliance, calling their allegations political fabrications aimed at damaging Sino-Australian relations and fueling a Cold War mentality. This rhetoric is identical to that used by Beijing’s spokespeople in response to similar accusations in other Five Eyes member countries.
Beijing’s strategy of immediate and aggressive denial in the face of espionage allegations follows a well-documented pattern. Any allegation is automatically portrayed as a political attack, a manifestation of anti-Chinese racism, or a U.S. plot against China. This type of response aims to blur the lines in public opinion in the countries concerned and to create a divide between those who take the accusations seriously and those who view them as Sinophobia.
ASIO’s Response: The Evidence Speaks for Itself
Faced with Ambassador Xiao Qian’s attacks, ASIO did not back down. The agency responded by citing two specific, recent court cases: a Melbourne resident and a Sydney resident were convicted by independent Australian courts for passing sensitive information to agents linked to Chinese military intelligence. These convictions are public, verifiable in court records, and cannot simply be dismissed as political fabrications.
This confrontation between Beijing’s ambassador and the Australian counterintelligence agency is symptomatic of broader tensions in Australia-China relations—a bilateral relationship that has experienced major turbulence since 2020, when Canberra called for an independent investigation into the origins of COVID-19, triggering a series of Chinese economic retaliatory measures. Relations have partially normalized since then, but institutional mistrust remains deep.
The public confrontation between Ambassador Xiao Qian and ASIO illustrates an important point: when democracies have solid evidence and court convictions to cite, Beijing’s denials do not hold up. The problem is that in many espionage cases, the evidence remains classified, and denial can take hold. That is why public warnings like the one on July 1 are valuable—they declassify enough information to inform the public while keeping what must remain secret.
The Two Convicted Australians: The Cases That Confirm the Warning
The Australian Legal Framework on Espionage
Australia has significantly strengthened its anti-espionage and anti-foreign interference legislation since 2018, with the adoption of the Foreign Influence Transparency Scheme and amendments to the Security Legislation Amendment Act. These new laws have broadened the legal definitions of espionage and foreign interference, making it easier to prosecute cases that could not have been addressed under previous legislation. The recent convictions cited by ASIO are a direct result of these legislative changes.
These court cases represent instances that could be documented and proven beyond a reasonable doubt in a court of law. Counterintelligence agencies generally estimate that the actual number of cases is significantly higher than those that result in prosecution. Convictions are the visible—and confirmed—part of a much broader activity.
Pressure on Australian Diaspora Communities
Beyond cases of espionage in the strict sense, ASIO has documented broader pressure exerted by agents and organizations linked to Beijing on Chinese diaspora communities in Australia. This pressure aims to monitor and intimidate pro-democracy activists, advocates for Taiwanese and Tibetan independence, journalists critical of the regime, and members of the Uyghur refugee community.
These influence operations—documented in particular by the Australian parliamentary commission on foreign interference—are distinct from pure intelligence-gathering operations, but they use some of the same networks and channels. They illustrate the global reach of Beijing’s influence apparatus, which does not stop at the borders of the People’s Republic of China.
I want to make a clear distinction here: we are talking about operations carried out by a foreign state apparatus, not criminal behavior by the Australian Chinese community in general. The vast majority of Australians of Chinese descent have nothing to do with these activities and are often themselves the primary victims of Beijing’s surveillance abroad. This distinction is not a mere detail—it is a matter of basic justice.
AI-Powered Recruitment: The Next Frontier of Chinese Espionage
AI as Both a Target and a Recruitment Tool
The Five Eyes warning issued on July 1, 2026, comes amid a context in which U.S. congressional hearings the previous week had highlighted that Chinese economic espionage now primarily targets the artificial intelligence sector. This dual aspect—AI as both a target of espionage and a recruitment tool—is particularly concerning.
Regarding AI as a recruitment tool: intelligence agencies are already using algorithms to analyze professional networks, identify individuals in situations of financial or professional vulnerability, and tailor their approaches. Deepfakes and AI-generated avatars can be used to create more convincing fake recruiters. These technological capabilities are transforming the effectiveness and reach of recruitment operations—a well-documented problem that the counterintelligence agencies of the Five Eyes countries are working to monitor.
AI Researchers: Prime Targets
Artificial intelligence researchers working at universities or defense laboratories are prime targets for Chinese military intelligence. Their research may have direct military applications—autonomous weapons systems, intelligence analysis, large-scale deception and disinformation, and cyberdefense. An AI researcher approached with what appears to be an academic consulting offer may unwittingly provide information on unpublished work that represents years of technological advancement.
The United States, the United Kingdom, and other Five Eyes member countries have developed awareness programs specifically targeting researchers in AI and applied sciences, alerting them to the risks of being approached through professional networks. These training and awareness programs are documented in the annual reports of national security agencies.
There is a profound irony in the fact that platforms designed to facilitate professional networking and employment have become vectors for espionage. LinkedIn and Indeed cannot be held responsible for the malicious use of their tools by foreign government agencies—but they do have a responsibility to develop detection tools and to cooperate with authorities when suspicious activity is reported.
China's Covert Police Stations and the Global Reach of the Apparatus
A Documented Network of Extraterritorial Operations
Recruitment operations via LinkedIn are part of a broader pattern of extraterritorial activities carried out by China’s security apparatus abroad. Organizations such as Safeguard Defenders have documented the existence of at least 100 clandestine Chinese security offices operating in Europe and other parts of the world, including at least four in the United Kingdom. These facilities, sometimes disguised as cultural or business associations, are used to monitor dissidents, exert pressure on families still in China, and facilitate intelligence operations.
In the United States, the Department of Justice has prosecuted several individuals accused of operating undeclared police stations on behalf of Beijing in cities such as New York. These cases—some of which have resulted in convictions, while others are still pending—illustrate the scale and diversity of China’s extraterritorial operations in Western democracies.
Cybersecurity as a Complementary Dimension
The human recruitment documented by the Five Eyes on July 1, 2026, is just one aspect of Chinese operations against Western governments and companies. The cyber dimension is complementary and often linked: agents recruited via LinkedIn can provide access to protected networks that facilitate the work of hacking teams. The two vectors—human and cyber—often operate in tandem as part of an integrated intelligence strategy.
Cybersecurity reports—notably those published by firms such as Mandiant, CrowdStrike, and Recorded Future—have documented how hacking groups linked to the PLA sometimes use information obtained through human recruitment to refine their cyber targeting. This integration of human intelligence and cyber intelligence is a hallmark of the most sophisticated intelligence services.
I realize this report may seem alarmist. I prefer to call it realistic. The facts—court convictions, coordinated warnings from intelligence alliances, and reports from national security agencies—paint a coherent and well-documented picture of large-scale espionage activities. To claim otherwise would be a form of disinformation by omission.
Conclusion: A Necessary Wake-Up Call for Open Democracies
What This Warning Requires of Institutions
The Five Eyes’ joint warning of July 1, 2026, is not merely a news bulletin—it is a call for institutional action. The governments of member countries must strengthen vetting procedures for individuals with access to sensitive information, develop training programs on approaches via professional networks, and cooperate with digital platforms to identify and block malicious recruitment operations.
Private-sector companies, particularly those operating in sensitive sectors, also have a responsibility: to train their employees on the risks of being approached through professional networks, establish clear reporting protocols, and cooperate with counterintelligence authorities when suspicious activities are identified. National security is no longer just a matter for government agencies—in an economy where private innovation is a strategic resource, it concerns all economic actors.
What This Means for Individuals
For professionals working in sensitive sectors—government, defense, research, and dual-use technologies—the Five Eyes warning serves as a concrete reminder. A LinkedIn approach offering a paid assignment on topics related to your work warrants rigorous verification before any commitment is made. Payments via PayPal for professional information should immediately raise red flags. Common sense and proper training are the first lines of defense against these operations.
Western democracies have a structural advantage over authoritarian regimes: their ability to publicly inform their citizens about threats, to create accessible reporting mechanisms, and to prosecute confirmed cases transparently. The July 1, 2026, warning is an exercise of this democratic advantage—a level of transparency regarding threats that authoritarian regimes can never afford to provide to their own populations.
I conclude this report with a firm conviction: the best defense against Chinese espionage is not secrecy—it is precisely the transparency and public information that the Five Eyes chose to provide on July 1, 2026. When you know that LinkedIn can be used to recruit you as a source for a foreign power, you are infinitely better equipped to resist such an approach. Knowledge is a form of shield.
Final Verdict
A Well-Founded Warning, a Documented Threat
The joint Five Eyes warning issued on July 1, 2026, is based on documented factual evidence: proven court convictions, verified recruitment methods (fictitious LinkedIn profiles, PayPal payments), and an espionage doctrine consistent with the known strategic priorities of Chinese military intelligence. Ambassador Xiao Qian’s attack did not invalidate these facts—it revealed Beijing’s strategy: deny, accuse, divide.
ASIO’s response—fact-based and citing specific court convictions—illustrates what democratic institutions do best when they function properly: countering accusations with facts. This model deserves to be emulated by all security agencies in Five Eyes member countries and beyond.
Vigilance: A Necessary Collective Investment
The fight against foreign espionage is not a discretionary budget item in democracies—it is a strategic investment of the highest order. Losses of intellectual property, compromises of classified information, and interference in political processes carry real, measurable, and lasting costs. Every dollar invested in awareness, training, and counterintelligence capabilities yields benefits that far exceed their initial cost.
The Chinese espionage documented on July 1, 2026, is not an abstract or hypothetical threat. It involves individuals convicted by independent courts, traced payments, and compromised information. Faced with this reality, democracies do not have the luxury of indifference.
I conclude this report with a feeling I cannot entirely suppress: anger. Not toward the Australians who were recruited—their journey deserves to be understood, not rashly condemned. Anger directed at a state apparatus that uses the tools of an open society—LinkedIn, PayPal, freedom of communication—to turn them against that very society. This is a betrayal of the rules of the game that democracies have established.
What the West Must Do Now
Coordination among allies must be stepped up
The joint warning issued by the Five Eyes on July 1, 2026, is a model worth emulating. Member countries of NATO, the EU, and the Quad should adopt similar mechanisms for information sharing and coordinated public alerts regarding documented espionage threats. Coordination among allied intelligence agencies on these issues already exists—bringing some of it into the public domain, as the Five Eyes did on July 1, is a strategic decision that deserves to be emulated more widely.
France, Germany, and other European countries that are not members of the Five Eyes face the same threats—their own domestic security agencies have published similar reports on recruitment operations via social media. Greater integration of these assessments into a coordinated public communication framework would strengthen the message sent to Beijing.
Regulating Professional Platforms in the Face of Espionage
LinkedIn and Indeed have a role to play in addressing this threat. Detecting fake profiles used for espionage recruitment operations, cooperating with counterintelligence agencies in democratic countries, and implementing reporting mechanisms accessible to users are concrete measures that these platforms can and must develop. The freedom to connect professionally online cannot exist without safeguards against state actors who use it as a vehicle for illegal operations.
This responsibility of the platforms is also a regulatory issue that democratic governments must address directly—through appropriate legislation, requirements for cooperation with national security authorities, and transparency obligations regarding detected malicious activities. The regulation of digital platforms is not limited to the protection of personal data—it now extends to national security.
By Maxime Marquette, columnist
I conclude this report with an open-ended question that I also ask myself: Am I vigilant enough about my own online presence, given that my work as a columnist touches on sensitive geopolitical topics? I am not a government official with security clearance, but journalists and columnists who cover these topics are not entirely immune to attempts at influence or recruitment either. It is a reality that I face with clear-eyed awareness.
Sources
Primary Sources
ABC Australia — Chinese Ambassador and ASIO Clash Over Foreign Interference — July 1, 2026
Japan Forward — China Recruits Spies via LinkedIn and Indeed, According to a Five Eyes Report — 2026
Secondary sources
Biometric Update — New Espionage Threats Force a Rethinking of Biometric Controls — June 2026
This content was created with the help of AI.