Fake Netflix, Coca-Cola, and FIFA job scams target marketers


Attackers are impersonating major companies and recruiters to target marketing professionals, using trusted services and browser tricks to make the scam look legitimate.

A BleepingComputer article detailing the campaign found at least 34 domains impersonating high-value companies, including Netflix, Coca-Cola, Adidas, and FIFA.

The lure is a fake job interview or scheduling request from a “recruiter” representing one of these major companies. The impersonating website then shows the victim a fake Google sign-in pop-up built inside the page, rather than a real browser window.

Read more…
Source:  MalwareBytes Labs


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Securing ambient AI in healthcare: governance is the new front line

    March 5, 2026

    Ambient AI is no longer experimental. It’s live. From AI-powered clinical documentation assistants to remote monitoring systems and intelligent patient engagement agents, healthcare organizations are embedding AI directly into care delivery. The promise is compelling: less administrative burden, faster insights, and more time with patients. But as AI enters clinical workflows, a more urgent question emerges: ...

  • New BoryptGrab Stealer Targets Windows Users via Deceptive GitHub Pages

    March 5, 2026

    Trend Micro researchers recently found the existence of a new stealer binary that collects browser and cryptocurrency wallet data, system information, and common files, among others. The researchers designated this new stealer BoryptGrab. Certain variants of the stealer can download a PyInstaller backdoor, which Trend Micro refer to as TunnesshClient. TunnesshClient establishes a reverse Secure Shell ...

  • Microsoft warns of new signed malware which deploys remote monitoring tools as backdoors

    March 5, 2026

    Microsoft is warning of a new phishing campaign which aims to deploy persistent backdoors to victim’s computers. In a new in-depth analysis, the company’s researchers said they recently spotted multiple phishing campaigns, currently not attributed to any known threat actors, which send out emails with weaponized PDF files (financial documents, invoices), fake meeting invitations, or organizational ...

  • ‘Hundreds’ of Iranian hacking attempts have hit surveillance cameras since the missile strikes

    March 4, 2026

    Multiple Iranian hacking crews have been targeting internet-connected surveillance cameras across Israel and other Middle Eastern countries since the war started on February 28, according to Check Point security researchers. The Tel Aviv-based security shop has tracked “hundreds” of attempts to exploit a handful of bugs in IP cameras made by two manufacturers, Hikvision and Dahua, ...

  • CIMB refutes claims of data breach involving 1.2 million records

    March 4, 2026

    CIMB Group Holdings Bhd has given assurance that claims circulating online about a data breach involving its customers are false and that customer data continues to be protected. The financial services provider said on social media platform X that its security teams have verified that all systems are secure and that customer data remains fully safeguarded. ...

  • Europol, Microsoft, TrendAI and Collaborators Halt Tycoon 2FA Operations

    March 4, 2026

    Researchers from TrendAI have been tracking the infrastructure, as well as the campaigns and operator behaviors that can be linked to Tycoon 2FA to build a clearer picture of how its services was being used at scale. By November 2025, TrendAI had collected enough data to link the operation to an actor using the monikers “SaaadFridi” ...