At least 10,000 UK nationals have been approached by fake profiles linked to hostile states, on the professional social network LinkedIn, over the past five years, according to MI5.
It warned users who had accepted such connection requests might have then been lured into sharing secrets.
"Malicious profiles" are being used on "an industrial scale", the security agency's chief, Ken McCallum, said.
A campaign has been launched to educate government workers about the threat.
The effort - Think Before You Link - warns foreign spies are targeting those with access to sensitive information.
One concern is the victims' colleagues, in turn, become more willing to accept follow-up requests - because it looks as if they share a mutual acquaintance.
Travel opportunities
pgMI5 did not specifically name LinkedIn but BBC News has learned the Microsoft-owned service is indeed the platform involved.
The 10,000-plus figure includes staff in virtually every government departments as well as key industries, who might be offered speaking or business and travel opportunities that could lead to attempts to recruit them to provide confidential information.
And it is thought a large number of those approached engaged initially with the profiles that contacted them online.
"No-one is immune to being socially manipulated into wrongdoing through these approaches," the guidance given to government staff says.
LinkedIn has said it welcomes the initiative.
