Phishing Scam Poses as Big Brands to Steal Google Credentials from Marketing Pros
Sophisticated phishing targets marketers via major brands, bypassing filters with multi-hop redirects. Learn how to protect yourself now.
By
Content Team
ON THIS PAGE
Want more insights like this?
Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.
By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.
A sophisticated phishing campaign is targeting marketing professionals by impersonating major brands like Coca-Cola, Netflix, OpenAI, McKinsey & Company, and Louis Vuitton. First spotted by Team Cymru's Will Thomas, the attackers send personalized job recruitment emails via legitimate HR platform PeopleForce, then route victims through nested redirects — bouncing through Salesforce's ExactTarget and real estate CRM Wise Agent — before landing on a fake Google sign-in page hosted on Netlify.
The multi-hop redirect chain bypasses basic email filters and builds false trust. Over 30 malicious domains have been identified. Password managers and advanced web filtering are recommended defenses.
Source: Dark Reading
Have questions about protecting your software?
Our escrow experts are standing by to help.
Book a free demo