A new phishing campaign is turning the excitement of job hunting into a digital trap. Fraudsters are sending fake interview invitations that imitate well-known brands such as Adidas, Netflix, Adobe, and FIFA, with the goal of capturing Google account credentials.
How the scam unfolds
The scheme typically begins with an unsolicited email from someone posing as a recruiter. The message invites the recipient to schedule an interview, often using the names and profile photos of real hiring staff to appear credible. The targets are frequently marketing professionals, especially those seeking roles at major companies across technology, hospitality, travel, entertainment, food, and luxury sectors.
When the candidate clicks the scheduling link, the path redirects through several pages before landing on a site designed to resemble a legitimate interview booking portal. At that point, the user is asked to sign in with Google, triggering a fake authentication window built to steal login details. Security researchers describe this as a browser-in-the-browser technique, a deceptive method that mimics a real login pop-up inside the page itself.
The operation appears to rely on a mix of legitimate-looking HR tools and web infrastructure, making the setup feel familiar and harder to question at first glance.
How to stay alert
Unsolicited recruiter messages deserve extra caution, especially if you never applied for the role or the opportunity feels unusually attractive. A safer approach is to visit the company's official careers page directly and verify whether the position actually exists.
It is also important to inspect the final web address carefully. Even links that seem trustworthy can hide subtle changes in the URL. If a site asks for single sign-on access through Google, Apple, or Facebook just to schedule an interview, that should be treated as a warning sign. Password managers can add another layer of protection because they only autofill credentials on genuine domains.
As hiring increasingly moves online, stronger verification habits and smarter browser defenses may help shape a safer future for digital recruitment.