A new phishing campaign is targeting marketing professionals with fraudulent job offers from well-known brands to compromise their Google accounts. The operation employs nested redirects and other evasion techniques to bypass security filters and trick victims into entering their credentials.

The campaign poses a credible threat due to its use of brand impersonation and social engineering. Targeting marketing roles gives attackers access to corporate social media and ad accounts, potentially enabling broader corporate network intrusions.

Technical analysis reveals the phishing emails contain links that undergo multiple redirects through trusted domains before landing on a malicious login page. This chain of redirects complicates detection by email security gateways and web filters. The final page mimics the Google sign-in interface with precision.

No specific patches or software updates address this threat directly. Organizations should enforce multi-factor authentication, train employees to verify job offers through official channels, and deploy advanced email filtering to detect redirect chains.

Attribution for the campaign remains unclear, though the techniques suggest a financially motivated actor with moderate technical sophistication. The ongoing nature of the threat calls for sustained vigilance in the marketing sector.