Phishing Campaign Impersonates Major Brands to Steal Facebook Credentials

Published 2025-10-22 19:24:04 | www.scworld.com
Phishing Credential Theft Social Engineering Actor: Unknown Threat Actors Sector: Various (targeting Multiple Brands) Region: Global

🎙️ Paranoid Newscast

🎭
Credibility
65%
📊
Risk Score
56%
🎲
Likelihood
8/10
💥
Impact
7/10
🛡️
Priority
4/5
A phishing campaign is impersonating well-known brands like KFC, Red Bull, and Ferrari to compromise Facebook login details. Malicious emails lead targets to a fake job posting site where they are prompted to enter their credentials.

HackRead reports that widely known brands, including KFC, Red Bull, and Ferrari, have been impersonated in fraudulent job postings aimed at compromising Facebook login details as part of a sweeping credential phishing campaign. Threat actors have delivered malicious emails with a suspected templated or large language model-generated text that includes a link redirecting to a phony image challenge security check, which then takes targets to a bogus job on a Glassdoor-looking website, according to a Sublime Security report.

Targets are then lured to use either their email or Facebook account to login, with the latter prompting the appearance of a progress indicator that never finishes loading, said researchers, who noted that such a scam is indicated by the use of suspicious URLs and email addresses that are not aligned with the spoofed brand's actual website. Such a development comes after Microsoft 365 and Google Workspace users were reported by Sublime Security researchers to have their login details targeted through fake Google job offers.