<img height="1" width="1" style="display: none" alt="" src="https://px.ads.linkedin.com/collect/?pid=1098858&amp;fmt=gif">

Phishing Scam Poses as Big Brands to Steal Google Credentials from Marketing Pros

Sophisticated phishing targets marketers via major brands, bypassing filters with multi-hop redirects. Learn how to protect yourself now.
Content Team

A sophisticated phishing campaign is targeting marketing professionals by impersonating major brands like Coca-Cola, Netflix, OpenAI, McKinsey & Company, and Louis Vuitton. First spotted by Team Cymru's Will Thomas, the attackers send personalized job recruitment emails via legitimate HR platform PeopleForce, then route victims through nested redirects — bouncing through Salesforce's ExactTarget and real estate CRM Wise Agent — before landing on a fake Google sign-in page hosted on Netlify.

The multi-hop redirect chain bypasses basic email filters and builds false trust. Over 30 malicious domains have been identified. Password managers and advanced web filtering are recommended defenses.

Source: Dark Reading

Share this article
Share on facebook Share on linkedin Share on twitter Share on email
blog_book_a_demo_cta_3x
Have questions about protecting your software?
Our escrow experts are standing by to help.
Book a free demo