A sophisticated phishing campaign is targeting marketing professionals by impersonating major brands like Coca-Cola, Netflix, OpenAI, McKinsey & Company, and Louis Vuitton. First spotted by Team Cymru's Will Thomas, the attackers send personalized job recruitment emails via legitimate HR platform PeopleForce, then route victims through nested redirects — bouncing through Salesforce's ExactTarget and real estate CRM Wise Agent — before landing on a fake Google sign-in page hosted on Netlify.
The multi-hop redirect chain bypasses basic email filters and builds false trust. Over 30 malicious domains have been identified. Password managers and advanced web filtering are recommended defenses.
Source: Dark Reading