{
  "type": "article",
  "title": "This Job Interview Scam Is a Ploy to Steal Your Google Credentials",
  "summary": "A new phishing campaign targeting job seekers is impersonating top brands like Adobe and Netflix to compromise Google account security. Learn the tactics these scammers use to trick candidates into revealing their login information.",
  "content": "It is currently a difficult period for job seekers, and scammers are aggressively preying on candidates who are hopeful of landing a role at reputable companies. A sophisticated new phishing campaign is utilizing fake interview invites to impersonate major brands, such as Adidas, Netflix, Adobe, and FIFA, with the specific intent of stealing Google account credentials. Employment-related scams are certainly not a new phenomenon, but they frequently appear in various guises, ranging from fake job offers sent through text messages to fraudulent applications distributed via Google Forms. Last year, scammers even conducted a similar recruitment email campaign while masquerading as Netflix. The primary objective of these bad actors is typically to phish for sensitive personal information or to manipulate candidates into sending money for various fabricated onboarding expenses.\n\nHow the Fake Job Interview Scam Operates\nThis particular job scam primarily targets marketing professionals seeking high-value positions across a diverse range of sectors, including technology, hospitality, travel, food, entertainment, and luxury goods. The fraud begins with an unsolicited phishing email from a supposed recruiter at one of more than 34 different companies, inviting the candidate to schedule a meeting to discuss the opportunity further. The scammers appear to be utilizing the actual names and professional photos of real recruiters at these organizations, which makes it significantly less likely to raise suspicion if a candidate attempts to verify their legitimacy. If a job seeker clicks the provided link to the recruiter's calendar, they are redirected multiple times and ultimately land on a malicious website specifically crafted to look like a legitimate interview scheduling page. Once on this site, they are prompted to sign in with Google, which triggers a fake login interface that mimics the look of a genuine Google authentication pop-up; however, this is actually just a component of the phishing page. This is a classic example of a browser-in-the-browser (BitB) attack. Threat actors appear to be using a legitimate HR platform known as PeopleForce and a domain operated by Salesforce to initiate this scam, although it remains unclear whether they created their own accounts or are using stolen credentials.\n\nSigns of a Fraudulent Job Scam\nLike most scams, this one preys heavily on human emotion, specifically the excitement and urgency associated with being recruited for a highly desirable position in a competitive job market. If you receive an unsolicited message from a recruiter, whether via email, LinkedIn, or any other social platform, proceed with extreme caution, especially if you never applied for the job or if the opportunity sounds too good to be true. If you are uncertain about the legitimacy of an offer, go directly to the company's official careers page to find the listing independently. Just because a calendar or application link appears to lead to a legitimate site does not mean your data is safe. Scammers have developed numerous ways to spoof URLs or redirect web traffic so that you may not immediately realize you are being phished. Carefully inspect the address bar on the final window for sneaky characters or other suspicious URL tricks. If you are being prompted to enter single sign-on credentials, such as Apple, Google, or Facebook, to schedule an interview or fill out an application, this is a major red flag. Try to interact with the pop-up, such as by dragging it away from the main browser window or highlighting the URL; if you cannot perform these actions, it is likely a fake window. Furthermore, using a password manager can protect you against BitB attacks, as these tools will only fill in your credentials on the legitimate, verified domain.\n\nWhat this means for you\nAcross India: Be extremely cautious when clicking unsolicited links while searching for a job, and always navigate directly to a company's official career page to verify listings.\n\nSecurity Tip: Avoid interacting with browser pop-ups that request your Google or Facebook login credentials for interview scheduling, as these may be malicious phishing attempts.\n\nQuestions & Answers\n\n1. How does this job scam work?\nScammers pose as recruiters from well-known companies, sending emails that lead candidates to a malicious website where they attempt to steal Google account credentials.\n\n2. Which companies are being impersonated?\nThe scam involves impersonating over 34 major brands, including companies like Adidas, Netflix, Adobe, and FIFA.\n\n3. What is a browser-in-the-browser attack?\nThis is a deceptive technique where attackers create a fake login window that mimics a legitimate Google authentication pop-up to harvest user credentials.\n\n4. How can I protect myself from this?\nAlways search for jobs directly on official company career pages, avoid clicking unsolicited links, and test browser pop-ups by trying to drag or highlight them to check for authenticity.",
  "url": "https://trendkia.com/en/money/naukari-dilane-ke-nama-para-chala-raha-bara-ghotala-google-akaunta-ki-janakari-ho-sakati-hai-chori-5957",
  "category": "Money",
  "publishedAt": "2026-07-08",
  "tags": [
    "phishing scam",
    "job fraud",
    "cyber security",
    "Google account",
    "interview",
    "job search"
  ],
  "language": "en",
  "site": "TrendKia"
}