The United States has issued a strong warning about a rising threat from Chinese intelligence agencies targeting current and former federal workers using fake job offers. This alert comes during a wave of job cuts launched by Elon Musk's Department of Government Efficiency, also known as DOGE.
On Tuesday, the National Counterintelligence and Security Centre (NCSC) raised concerns about deceptive tactics used by Chinese agents. These agents are reportedly posing as job recruiters from consulting firms, think tanks, and corporate headhunters to lure U.S. government employees into sharing sensitive information.
"Foreign intelligence entities, particularly those in China, are targeting current and former US government employees for recruitment by pretending to be legitimate organizations on professional platforms," said the NCSC in a public bulletin.
The alert warns that online targeting has become more advanced in recent months. Many of the individuals being approached are actively seeking new jobs after being impacted by recent federal job cuts. Musk's DOGE initiative has led to major workforce reductions, affecting thousands of federal positions. This situation has made many vulnerable to phishing and other deceptive methods.
The NCSC noted that most of these fake job offers begin online. Agents often reach out through sites like LinkedIn, online job boards, or even direct emails and private messages. They may use fake company names or pretend to be from trusted nations, making their efforts harder to detect.
The Chinese Embassy in Washington has not responded to requests for comment.
The U.S. government has responded by publishing guidelines aimed at protecting federal workers and their employers from falling into these traps. These include safety measures both for individual users and organizations.
The NCSC advises workers to be cautious about what they share online. This includes avoiding posts that mention job duties or any details related to security clearance. It also warns against accepting friend or connection requests from people they do not know or recognize. Officials urge individuals to carefully check the background of any person or company offering a new job.
For those still employed by the government, strict rules remain in place. Outside employment offers, including part-time or freelance work, must be reported and approved. All offers should be reviewed by a security officer to avoid possible security breaches.
The NCSC also urged employers to take action. Companies and government departments are encouraged to train their staff on cyber hygiene. Employees should know which job details are sensitive and should never be shared. Clear guidance from employers can help prevent confusion and lower the chances of falling for fake offers.
Officials further advised that different departments — including HR, IT, and security — must work together when employees leave the organization. Coordinated offboarding can help protect internal data and reduce risks. Employers are also encouraged to offer support to laid-off workers, such as career counseling, mental health services, and financial advice.
In this growing age of digital scams and international tension, the NCSC's message is clear: vigilance is necessary. As the U.S. faces rising cyber threats, especially from China, both individuals and organizations must act smartly to stay safe. Federal employees and contractors, whether active or retired, are at particular risk because of the valuable knowledge they possess.
The U.S. government has not named specific Chinese firms or agencies behind these recruitment scams. But officials stressed that the threat is real and ongoing. They called on all federal workers, past and present, to treat any unexpected job offer or recruiter contact with skepticism.
With thousands now unemployed due to DOGE's reforms, the timing of this warning is seen as especially important. Experts say Chinese agents are using this moment of instability to expand their reach.
The NCSC continues to work with federal agencies and private firms to boost cyber defenses and prevent future breaches. More updates are expected in the coming weeks as the situation unfolds. For now, officials urge all affected individuals to think twice before clicking "accept" on that next connection request.
