Live Cybersecurity News Ticker | Codekeeper

Phishing Scam Poses as Big Brands to Steal Google Credentials from Marketing Pros

Written by Content Team | Jul 9, 2026 12:23:30 PM

A sophisticated phishing campaign is targeting marketing professionals by impersonating major brands like Coca-Cola, Netflix, OpenAI, McKinsey & Company, and Louis Vuitton. First spotted by Team Cymru's Will Thomas, the attackers send personalized job recruitment emails via legitimate HR platform PeopleForce, then route victims through nested redirects — bouncing through Salesforce's ExactTarget and real estate CRM Wise Agent — before landing on a fake Google sign-in page hosted on Netlify.

The multi-hop redirect chain bypasses basic email filters and builds false trust. Over 30 malicious domains have been identified. Password managers and advanced web filtering are recommended defenses.

Source: Dark Reading