Germany’s intelligence agency, the BfV, is accusing China of using fake social media accounts to collect personal information from politicians and other high-ranking government officials.

As The Telegraph reported, the BfV said more than 10,000 people were contacted via fake LinkedIn profiles disguising themselves as headhunters, consultants or scholars in order to extract information on people’s habits, hobbies and political interests.

The news followed a nine-month investigation into the large-scale security breach.

Germany alleges that Chinese intelligence officials are behind the scam and have been trying for some time to extract personal information and intelligence through social media. However, Chinese Foreign Ministry spokesman Lu Kang called the accusations “baseless” and urged Germans to “speak and act more responsibly.”

Many of the profiles used photos of attractive men and women with names like ”Rachel Li” or “Alex Li” to entice government official to connect with them. One photo allegedly was lifted straight from an online fashion catalogue, according to Reuters.

The profiles claimed to be employees of organizations such as RiseHR, a Dutch human resources firm, or the Center for Sino-Europe Development Studies, an academic think tank.

Reuters reported that many of those targeted were connected to senior diplomats and politicians across Europe. According to the BfV, a large number of fake profiles and people targeted may yet to be identified. The agency warned German officials not to share personal and sensitive information through social media.

Social Media at Work: Managing Insider Risks

This is not the first time concerns have been raised about the Chinese using covert tactics to access personal information. Chinese hackers targeted UK firms earlier this year to steal sensitive information, data and intellectual property.

It’s a good reminder, however, never to share any personal information over social media – particularly if you don’t know the other person in real life. With LinkedIn in particular, it’s wise only to accept connections from people you know. If a profile seems fake or suspicious, chances are it is. Trust your gut when something seems off.

Employers should create clear social media use policies and enforce them. While LinkedIn and other social sites can be great tools for making business connections, it’s important to set rules for how those sites can be used in the workplace and what information can be shared.

Employee monitoring tools are also highly valuable for identifying when employees are sharing confidential or sensitive business data – via social media or elsewhere. You can set up alerts that flag suspicious activity or policy violations, notifying you in real time. Click below to learn more about Teramind.

Insider Threat Detection