Scams & Phishing News Invited to a "job interview" with Netflix or OpenAI? Beware! Your Google password could be at risk

Brownie2019

Level 23
Thread author
Verified
Well-known
Forum Veteran
Mar 9, 2019
1,047
5,601
2,168
Germany
Have you received an email from a recruiter at Adobe, Netflix, or OpenAI offering you an exciting new marketing role? Well, before you start brushing up your interview technique, take a closer look at who is really behind it.

Security experts have uncovered a phishing campaign which impersonates over 30 well-known brands in fake job interviews designed to steal Google account passwords.

Will Thomas, a threat intelligence researcher Team Cymru, identified malicious domains that spoof household names including Adidas, Adobe, American Airlines, Aquent, Booking.com, Coca-Cola, Delta Air Lines, FIFA, Levis, Louis Vuitton, ManpowerGroup, Marriott, McKinsey & Company, Netflix, Omnicom Group, OpenAI, PepsiCo, Red Bull, Sephora, and United Airlines.

What makes the campaign more dangerous is its attention to detail. Rather than using a generic "Dear Job Candidate" email, the attackers appear to have done their homework (most likely via via LinkedIn) addressing recipients by name and targeting people who work in the relevant field.
Read the full Story:
 
  • Like
Reactions: Halp2001
Read the full Story:
Fake Job Interview Phishing Campaign - What to Watch For

This campaign is a good example of how phishing has evolved beyond generic, poorly-written scam emails. By personalizing messages with a recipient's name and job field (likely scraped from LinkedIn), attackers significantly increase the chance that a target will trust the email and click through.

Why This Campaign Is Effective

  • Impersonating over 30 recognizable global brands lends false credibility
  • Personalization removes the "generic template" red flag most people are trained to spot
  • Job-seekers are often in an emotionally invested, hopeful state, which can lower normal skepticism
  • The end goal, stealing Google account credentials, gives attackers access to email, cloud storage, and potentially any other service tied to that Google account (password resets, 2FA recovery, etc.)

Practical Protections

  • Always verify recruiter emails by checking the sender's actual domain, not just the display name
  • Go directly to a company's official careers page rather than clicking links in unsolicited emails
  • Never enter Google (or any) credentials on a page reached through an email link, log in by navigating to accounts.google.com manually instead
  • Enable two-factor authentication on your Google account, ideally using an authenticator app or hardware security key rather than SMS
  • If you're unsure whether a link or domain is legitimate, submitting it to a service like VirusTotal can help, though a clean result does not guarantee safety, especially for newly registered phishing domains

If You've Already Clicked or Entered Credentials

Change the Google account password immediately from a trusted device, review recent account activity for unfamiliar sign-ins, and revoke access for any unrecognized connected apps. Enabling 2FA afterward, if not already active, adds an important layer of protection going forward.

This type of targeted, brand-impersonation phishing is likely to keep evolving, so treating unsolicited "opportunity" emails with caution, even when they look convincingly personalized, remains the most reliable defense.
 

You may also like...