Fake Netflix, Coca-Cola, and FIFA job scams target marketers
Attackers are impersonating major companies and recruiters to target marketing professionals, 2026-7-7 13:43:44 Author: www.malwarebytes.com(查看原文) 阅读量:6 收藏

Attackers are impersonating major companies and recruiters to target marketing professionals, using trusted services and browser tricks to make the scam look legitimate.

A BleepingComputer article detailing the campaign found at least 34 domains impersonating high-value companies, including Netflix, Coca-Cola, Adidas, and FIFA.

The lure is a fake job interview or scheduling request from a “recruiter” representing one of these major companies. The impersonating website then shows the victim a fake Google sign-in pop-up built inside the page, rather than a real browser window.

Example of sign-in window

To avoid detection, the attackers route victims through a chain of legitimate services before they reach the phishing site. So, instead of going straight from A to D, you go A → B → C → D. In phishing, attackers use this to make the final malicious site look less suspicious, because the victim passes through legitimate-looking services first.

“The operation is abusing the legitimate cloud-based PeopleForce human resources platform and a domain associated with the Salesforce Marketing Cloud service before redirecting the recipient to a malicious landing page.”

BleepingComputer noted that the campaign has been running for at least five months and primarily targets people in marketing roles. We know from our own investigations that job-themed phishing is extremely common and is likely especially effective while entry-level positions remain highly competitive and AI continues to shape the job market.

How to stay safe

Campaigns like these show how AI-enabled scams reshape scams, identity theft, and the ways attackers exploit trust.

As Stefan Dasic wrote in a post about a similar campaign that phished for Facebook credentials:

“The best protection isn’t spotting the fake—it’s knowing that no legitimate hiring process will ever require you to authenticate through an unfamiliar page, whether it’s dressed up as Google, Facebook, or anything else. When in doubt, close the tab, go to the company’s website yourself, and apply the old-fashioned way.”

Other useful tips include:

  • Don’t click links or open attachments in unsolicited job offers.
  • Use a password manager. It won’t autofill your Google username and password on a fake website.
  • Use an up-to-date, real-time anti-malware solution with web protection.

Pro tip: Malwarebytes Scam Guard would have helped identify this attack as a scam.


Something feel off? Check it before you click.  

Malwarebytes Scam Guard helps you analyze suspicious links, texts, and screenshots instantly.  

Available with Malwarebytes Premium Security for all your devices, and in the Malwarebytes app for iOS and Android.  

Try it free → 

About the author

Was a Microsoft MVP in consumer security for 12 years running. Can speak four languages. Smells of rich mahogany and leather-bound books.


文章来源: https://www.malwarebytes.com/blog/scams/2026/07/fake-netflix-coca-cola-and-fifa-job-scams-target-marketers
如有侵权请联系:admin#unsafe.sh