Hackers Using Prominent Company Brands for Fake Job Interviews to Steal Google Accounts

Date:

Malicious cyber actors are posing as recruiters from top global companies to dupe people into applying for nonexistent jobs so they can steal their Google account information.The hackers are sending phishing emails while pretending to hire people for marketing roles, said Will Thomas, a senior threat intel adviser at cybersecurity company Team Cymru, according to a July 5 post published on developer platform GitHub.“The email addresses the individual by their name and the individual works in the relevant field, therefore the attackers likely did some relevant research and collection,” the post said.The target is then required to click a link to book a meeting and is asked to submit the credentials of his or her Gmail account.An example phishing email shows the threat actor posing as a talent acquisition manager for management consulting firm McKinsey & Company. It says the target’s career profile “caught our attention.” The email then asks the target to click a “View Calendar & Schedule Call” link if interested in working for the company.When the target clicks, they go to a landing webpage that purportedly seeks to schedule a 30-minute meeting with the manager. The page has a “Continue with Google” button at the bottom that looks genuine but is illegitimate. If the target complies, they end up granting the hackers access to their Google credentials.Thomas said the attackers are using various legitimate platforms to carry out the scam.The email is sent from PeopleForce, which is a genuine online Human Resource Management and Applicant Tracking System platform, with the email pointing to Salesforce Marketing Cloud.The attackers have been seen impersonating 20 major companies that operate in airlines and travel, food and beverage, apparel and luxury goods, hospitality and marketing, entertainment and sports, and staffing, consulting, and tech sectors. This includes American Airlines, Delta Airlines, United Airlines, Coca-Cola, Red Bull, PepsiCo, Adidas, Louis Vuitton, OpenAI, Adobe, Marriott, FIFA, and Netflix.The threat actors use fake domains of these companies as landing pages to dupe targets into thinking they are on legitimate webpages. For instance, a scam letter claiming to be from Netflix or OpenAI can direct the target to jobsatnetflix.com or careers-openai.com, which are owned by the hacker.Employment ScamsAccording to the FBI’s Internet Crime Report 2025, the agency’s Internet Crime Complaint Center received 24,688 complaints of employment scams last year, with losses totaling more than $362 million.The report said that artificial intelligence may be used by criminals in employment scams. The scammers can use voice spoofing or deepfakes while conducting online interviews of potential applicants.“In these interviews, the actions and lip movement of the person interviewed on-camera do not completely coordinate with the audio of the person speaking,” the report said.“At times, actions such as coughing, sneezing, or other auditory actions are not aligned with what is presented visually.”In a June 26 statement, the FBI said it has joined forces with LinkedIn to educate people about employment scams.According to the FBI, most job scams aim for one of three objectives: to find individuals to act as money mules, to force people into labor, or to find people who can help steal the personally identifiable information of other individuals.In the last case, fraudsters frame the jobs as something legitimate to dupe applicants, with job titles like onboarding specialist, compliance reviewer, HR assistant, or know your customer/identity verification agent.Once hired, the individuals are made to collect identity documents from other people, unknowingly helping criminals harvest stolen identities.Forced labor scams involve luring victims abroad with offers of jobs. Once the person lands in a foreign country, their passport gets confiscated. They are then forced to work in heavily guarded compounds where they are required to scam various people.“Job seekers are uniquely vulnerable—not because they lack judgment but because they’re operating in an environment where urgency and opportunity are constant,” said Rebecca L. Keithley, assistant section chief of the Financial Crimes Section in the FBI’s Criminal Division.

spot_imgspot_imgspot_img

Share post:

More like this
Related

Trump Calls Ukraine Strikes Deep Inside Russia an Escalation That Could Help End War

U.S. President Donald Trump said on July 8 that...

US Will Probably Conduct More Strikes Against Iran, Trump Says

U.S. President Donald Trump said on July 8 that...

Apple Expands US Chip Production in $30 Billion Broadcom Deal

Apple is expanding its U.S. chip manufacturing push through...

Home Sales, New Listings Show Notable Increase: Zillow

Home sales figures increased in June on both a...