Chinese target 10,000 Germans by using fake Linkedin profiles
GERMANY’S intelligence service has warned that China is using fake profiles on social networks to gather personal information from politicians and other high-ranking officials.
More than 10,000 Germans were contacted by fake profiles on the social networking site Linkedin during a nine-month investigation into the large-scale security breach, Germany’s domestic intelligence agency, known as BFV, said.
The fake profiles were disguised as headhunters, consultants, or scholars with names “Rachel Li” and “Alex Li”, and attempted to trick people into “connecting” with them in order to extract information on their habits, hobbies and political interests, according to the intelligence agency.
“Chinese intelligence services are active on networks like Linkedin and have been trying for a while to extract information and find intelligence sources in this way,” a spokesman said.
Many of the profiles deliberately used photos of stylish and attractive men and women in order to encourage people to befriend them. One photo was even allegedly taken straight out of an online fashion catalogue.
Many of those targeted were connected to senior diplomats and politicians across Europe. The BFV said a “large number” of fake profiles and targeted people have yet to be identified, and called on German citizens to report suspect social media profiles. The agency also warned public officials to be wary about leaking valuable personal information through social media.
“This is a broad-based attempt to infiltrate in particular parliaments, ministries and government agencies,” said Hans-georg Maassen, the head of BFV.
Earlier this year it was revealed that Chinese-based hackers had targeted UK firms to steal sensitive data including personal information and intellectual property.
A report authored by the National Cyber Security Centre (NCSC) and cyber units at defence group BAE systems and accountancy firm PWC found a China-based cyber gang, named APT10, used customised malware and “spear phishing” to target an “unprecedented web” of victims.