Phishing Campaign Targets Marketing Professionals with Fake Job Interviews

Phishing Campaign Targets Marketing Professionals with Fake Job Interviews

First seen 7 Jul 2026, 12:27 UTC BleepingcomputerGbhackersCybersecuritynews 76% similarity 67.5

Article Content

Browse articles
ThreatCluster

A phishing campaign is impersonating over 30 major brands, including Adobe and Netflix, to steal Google account credentials from marketing professionals. The attackers pose as recruiters offering marketing roles, using the PeopleForce HR platform to lend credibility. The campaign employs nested redirects through legitimate services, ultimately leading victims to a malicious landing page designed to capture Gmail credentials. The operation has been active for at least five months, utilizing real names and images of recruiters to enhance trust. Victims are misled into signing into a fake Google authentication prompt. The threat actor may have created accounts on legitimate platforms or used compromised logins to configure the phishing setup. A list of domains involved in the campaign has been made available by researchers. Security teams have reported a 54% success rate in these phishing attempts.

Key Points: • Phishing campaign impersonates over 30 major brands to steal credentials. • Attackers use legitimate platforms to create a convincing phishing environment. • The operation has been active for at least five months with significant success.

ThreatCluster AI

Timeline

2026-02-06
Phishing campaign discovered
Researchers identified a phishing campaign targeting marketing professionals using fake job interviews.
BleepingComputer
2026-02-06
Use of legitimate platforms confirmed
The campaign abuses the PeopleForce HR platform and Salesforce Marketing Cloud services to mask malicious intent.
BleepingComputer
2026-07-06
Campaign details published
A detailed analysis of the phishing campaign was released, revealing its methods and scope.
Gbhackers

Community

Browse all →