The DOJ and FBI report disabling 13 websites tied to suspected Chinese agents seeking sensitive U.S. information. The scheme allegedly used tailored offers and personas to lure security clearance holders and other targeted victims.

The U.S. Department of Justice and FBI announced the seizure/disablement of 13 domains used in a targeted deception campaign. Prosecutors say the websites were backed by suspected Chinese agents and sought sensitive U.S. information from people associated with U.S. security clearance processes. According to the release, the sites relied on crafted personas and lures designed to overcome skepticism and encourage victims to interact with fraudulent communications and applications. The operation is described as a deception pattern that overlaps with credential theft and other fraud tactics, because the initial contact and subsequent engagement can be used to extract valuable data or move victims into further compromise. The DOJ/FBI notice highlights that the campaign included deception techniques that scammers use to appear legitimate—positioning the operation to look like an authentic opportunity while directing victims toward interaction pathways controlled by the threat actors. The takedown matters for U.S. residents and clearance-related populations because online domains can serve as the front door for broader targeting. By disabling the domains, the government disrupted the attackers’ ability to maintain access, distribute malicious tools or deceptive content, and continue recruiting victims through impersonation-driven workflows. The release links the actions to broader national security and cyber-investigation efforts.