Phishing job interviews steal Google credentials
π Security teams have uncovered a targeted phishing campaign impersonating over 30 major brands to lure candidates into fake job interviews and harvest Google account passwords. Attackers use realistic recruiter names, photos and PeopleForce-sent messages to appear legitimate, and links redirect through trusted domains to a calendar booking page that prompts a Google sign-in. The scheme leverages a browser-in-the-browser trick where a fake Google auth pop-up captures credentials, though password managers can often block autofill. The campaign has operated for months and highlights growing sophistication in recruitment scams amid workplace uncertainty.
