That message in your LinkedIn inbox? The one offering high pay, remote flexibility, and a role that sounds like it was made for your government résumé?
It might be more than just a job offer—it could be a front for a foreign intelligence operation.
That’s the warning out of AFOSI Public Affairs, which just issued a stark alert: current and former Department of the Air Force personnel are being targeted in increasingly sophisticated online recruitment schemes. And the trend isn’t isolated—these tactics are now hitting across the entire federal workforce.
According to officials from the Air Force Office of Special Investigations (AFOSI), foreign intelligence entities are posing as recruiters, consultants, and think tank reps—offering enticing gigs that double as social engineering campaigns.
“These aren’t just job offers, they’re intelligence operations in disguise,” said Special Agent Lee Russ, executive director of AFOSI’s Office of Special Projects.
The Bait Looks Legit—Until It Isn’t
The tactics sound familiar—because they are. The messages might start out as standard networking: someone compliments your career history, says your federal experience is just what they’re looking for, and floats a consulting opportunity that’s flexible, remote, and high-paying.
But as the analyst behind AFOSI’s warning explained, it’s the normalcy that makes it dangerous.
“They’re using professional norms and targeting people who’ve let their guard down because the interaction seems normal.”
Foreign Adversaries Are Getting Smarter—and More Patient
These aren’t quick-hit phishing attempts. Instead, foreign actors are playing the long game—building trust slowly, avoiding red flags, and only gradually introducing requests that cross a line.
Sometimes they’ll ask for a brief report. Then maybe a little insight into policy. And suddenly, the conversation has shifted into national security territory.
“They’re not going to ask for secrets right away,” the analyst said. “They build credibility first. By the time it feels suspicious, a relationship has already been established.”
Who’s Being Targeted?
Everyone. Not just current service members or those with TS/SCI badges.
If you’ve ever worked in or around the DoD, you’re fair game. That includes:
- Active-duty military
- Reservists and Guard members
- Civilian employees
- Contractors
- Federal retirees
Why the wide net? Because adversaries aren’t just after classified information—they’re after strategic insights, relationships, and any detail that might give them an edge.
“The reality is, if you’ve ever had access to sensitive material—classified or not—you’re a potential target.”
Red Flags to Watch For
According to AFOSI and the National Counterintelligence and Security Center (NCSC), here are some warning signs that your recruiter might be something more:
- Unusually high pay for minimal work
- Fast hiring and payment cycles
- Pressure to move conversations to encrypted apps or off professional platforms
- Flattery that feels a little too tailored
- Vague or unverifiable company details
- “Exclusive opportunities” that seem too good to pass up
“Urgency tactics are designed to bypass due diligence and rush targets into compromising decisions,” Russ said.
Why Reporting Matters—Even If You Just Ignored the Message
One of the most important points from AFOSI? Even if you didn’t respond to the sketchy recruiter, you should still report it.
“We’re not looking to punish someone for being contacted,” the analyst said. “But we are trying to understand the tactics being used so we can protect others.”
Reporting helps identify patterns, stop operations before they escalate, and protect the broader cleared workforce. It’s part of a bigger picture: staying vigilant in a space where the lines between counterintelligence and personal privacy are getting blurrier by the day.
“We’re not going to investigate our way out of this,” the analyst added. “The scope is too broad. The most powerful weapon we have is self-reporting.”
What You Can Do
If you think you’ve been targeted, or just want to stay ahead of the curve, here’s how to help:
- Report suspicious outreach through AFOSI at osi.af.mil/contact or the FBI at tips.fbi.gov
- Learn more through ncsc.gov, dcsa.mil, or fbi.gov
- Know the signs—and educate your peers who may not be plugged into these risks
Programs like Eagle Eyes are already in place to support these efforts—encouraging military and civilian personnel to report anything out of the ordinary.
Today’s foreign intelligence threats don’t kick down the door. They send a connection request. They offer a gig. They ask for your “expert insight.” The reality is that if you have a security clearance, you need to be on a system that isn’t open to just anyone who wants to have access <cough, ClearanceJobs.com, cough>😉.
So the next time someone slides into your DMs promising six figures for a few hours of work—ask yourself who’s really on the other end. Because in this fight, your inbox might be the first battlefield.
