Suspicious Contact
Every federal contractor facility has access to U.S. government information, in some form or fashion. As such, every person that works for or with a federal contractor facility has a direct impact on the security of our country and the safety of our people and technology.
We must all be aware of the ways that our adversaries will attempt to exploit us to obtain information. We must know what suspicious contact looks like and how to report it.
What is Suspicious Contact?
Suspicious contact is any effort by any individual, regardless of nationality, to obtain illegal or unauthorized access to information or to compromise an individual, as well as all contacts with known or suspected intelligence officers from any country, or any contact which suggests the individual concerned may be the target of an attempted exploitation.
Suspicious Contact Tactics
Not all suspicious contact is obvious. Elicitation is the strategic use of conversation to extract information from people, without giving them the sense that they are being interrogated, to facilitate future targeting attempts.
Information collectors for foreign intelligence entities (FIE) commonly use elicitation to collect sensitive and/or classified information through what appears to be normal social or professional contact.
According to the DCSA and DNI reports, the top collection methods and contacts are:
Top Methods of Operation:
- Resume Submission *Number 1 method*
- RFI/Solicitation
- Exploitation of Business Activities
- Exploitation of Supply Chain
- Exploitation of Experts
- Exploitation of Cyber Operations
Top Methods of Contact:
- Resumes – Academic & Professional
- Web Form Submissions
- Social Networking Services
- Foreign Visits
Recognizing Suspicious Contact
Likely indicators of elicitation and suspicious contact include:
- Business contact requesting information outside the contract scope
- Hidden/obscured end use/end user data
- Offer of paid attendance at an overseas conference
- A casual acquaintance appears to know more about your work than expected
- A casual contact shows an unusual interest in your work, facility, personnel, or family details
Things you can do to reduce the risk of exploitation:
- Know what information you cannot share and be suspicious of those who seek such information
- Do not share anything the elicitor is not authorized to know, including personal information about yourself, your family, or your coworkers
- Be aware that outreach may occur via social media
- Plan tactful ways to deflect probing or intrusive questions
- Never feel compelled to answer any question that makes you feel uncomfortable
At the heart of it all: No matter where you are, no matter who you are communicating with…Care what you share and report suspicious interactions!
Why Reporting is Critical
It is NOT your job to determine if suspicious communications present a legitimate concern or threat. It IS your responsibility to simply report any suspicious interactions to your FSO. A good rule of thumb: If you have to say “No,” let your Facility Security Officer know.
You must report the following to your FSO immediately:
- Any suspicious emails, phone calls, or social interactions
- Any resumes received from foreign nationals applying to positions requiring U.S. citizenship or security clearance
- Any suspected elicitation attempts at conferences, conventions, seminars, or tradeshows
- If any person asks you questions that seem strange, probing, or obviously inappropriate
Resources and Additional Learning
- DNI 2025 Threat Assessment Report
- Identifying Suspicious Contact
- Suspicious Emails
- 32 CFR Part 117 (NISPOM Rule)
As always, if you have any questions, ask your FSO! FSO PROS® is here to help you navigate things to ensure you fulfill all requirements.
