Phishing attacks have long been used to deceive individuals into surrendering sensitive information like login credentials and personal data. But cybersecurity researchers from TeamT5 have now uncovered a more insidious and sophisticated method of cyber exploitation—one that disguises itself as a lucrative job opportunity.
According to their findings, Chinese cyber operatives are targeting recently laid-off professionals in the United States and Taiwan, luring them with high-paying job offers. These offers, however, are nothing more than elaborate traps designed to extract confidential company information. Once the attackers obtain what they want, the victims are cut off—without pay, without a formal offer letter, and with no traceable ties to the recruiters.
This new form of cyber-espionage is believed to be orchestrated by a Chinese firm known as Smiao Intelligence, which is also referred to as Smiao Networks or Pine Intelligence. The company’s deceptive tactic involves hiring former employees—particularly those with access to sensitive corporate or military data—under false pretenses. Victims are asked to complete tasks or projects that effectively amount to intelligence gathering. Once the information is harvested, the recruiters fabricate performance issues to sever ties and move on to the next target.
What’s especially alarming is the profile of individuals being targeted. These are not random victims. In one documented case from April 2025, an American Army Intelligence analyst was recruited and exploited for access to classified military documents—specifically, 92 files containing sensitive data.
TeamT5 reports that Smiao Intelligence operates out of Beijing and Taiwan and maintains connections with RiverMerge Strategies, a political consulting firm that has allegedly expanded into espionage activities. The collaboration between such entities suggests a more coordinated effort behind these recruitment scams, potentially state-sponsored.
For companies planning workforce reductions, particularly involving high-value employees, this discovery should serve as a wake-up call. Organizations must take steps to protect proprietary information even after an employee has left. Likewise, professionals leaving their roles should be wary of too-good-to-be-true job offers from unfamiliar recruiters, especially those that ask for company-specific knowledge or access.
In a time when digital threats evolve faster than many can respond, vigilance is no longer optional—it’s essential. Falling victim to such schemes not only compromises sensitive information but can also irreparably damage one’s career and reputation.
Join our LinkedIn group Information Security Community!
