Federal law enforcement on Wednesday announced it had seized 13 internet domains that the U.S. Justice Department described as fronts for fake consulting companies. According to the department, those websites were established to recruit current or former U.S. government and military employees and then push applicants for proprietary or insider information to suspected Chinese agents.
The Justice Department said the sham firms advertised roles such as consulting or analyst positions, using those listings to identify and approach individuals with potential access to sensitive material. Once contact was established, applicants reportedly faced pressure to provide exclusive information, the department said in its statement.
The announcement of the domain seizures came roughly one week after the United States, Britain and other members of the Five Eyes intelligence partnership issued a warning that China is increasingly and aggressively using job platforms to target people for information. That coordination among allied intelligence services preceded the seizures, according to the timeline in the Justice Department statement.
The Chinese Embassy in Washington did not immediately respond to a request for comment on Wednesday. Separately, the Chinese Embassy in London rejected the Five Eyes warning, calling the Western claims "pure fabrication and malicious slander," the embassy told reporters.
In the Justice Department statement, U.S. Attorney Jeanine Pirro for the District of Columbia said the seizures were intended to demonstrate that attempts to exploit Americans with access to sensitive information would be uncovered and dismantled. "(Wednesday’s) seizures send a clear message that any attempts to exploit Americans trusted with access to our nation’s most sensitive information will be exposed and dismantled," her office said.
Claims that Chinese intelligence actors have used fake consultancies to approach American and other Western officials are not new. In March 2025, reporting showed a similar network of counterfeit consulting firms trying to recruit federal employees who had recently been fired amid a downsizing and reshaping of government personnel under President Donald Trump.
U.S. authorities point to earlier high-profile prosecutions and public-awareness efforts to illustrate the methods used in these campaigns. In September 2020, the FBI together with the National Counterintelligence and Security Center released a short film dramatizing the case of Kevin Mallory, a former CIA officer who in 2019 was sentenced to 20 years in prison after being convicted of conspiring to transmit U.S. defense secrets to China. Court records show Mallory had initially been recruited for foreign policy consulting via social media, and his case is featured on an FBI website that warns about so-called "virtual espionage" using comparable tactics.
The Justice Department's action underscores concerns about the evolving ways in which foreign intelligence services may attempt to access sensitive information by exploiting job-seeking channels and professional recruiting language. The government statement framed the domain seizures as a tangible step to interrupt networks that use commercial cover - in this instance, phony consultancies - to approach individuals with potentially sensitive access.
Context and implications
The seizures come at a moment of heightened attention to recruiting tactics that blend legitimate hiring practices with covert intelligence collection. Federal officials and allied partners have emphasized monitoring job platforms and social media as vectors for contact and recruitment that do not require face-to-face approaches.
Authorities described the seized domains as part of an effort to identify and enlist people who could be persuaded to share exclusive or insider material. The Justice Department and allied agencies are using public statements, legal actions and outreach to raise awareness of these methods among current and former government personnel.