Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Tesla, Red Bull, and Ferrari brand-impersonation career phishing campaign

Campaign
First reported
Last updated
Happening score
H score 33
1 unique sources, 1 articles

Summary

Hide ▲

A career-themed phishing campaign has been using Tesla, Red Bull, and Ferrari job lures to steal credentials and PII from social media and marketing professionals. The operation has been active since February and relies on brand spoofing to slip past filters and user scrutiny. Victims are sent through fake application flows that lead to Glassdoor-style and Facebook login pages. The shift to collecting resumes and login data increases the value of the stolen information for future abuse.

Related Happenings

AccountDumpling Google AppSheet Facebook phishing campaign

Campaign
First: 01.05.2026 21:09 Last: 01.05.2026 21:09 Sources 1

About this happening: A **Vietnamese-linked** operation dubbed **AccountDumpling** is using **Google AppSheet** as a phishing relay to steal **Facebook** credentials, enabling account takeover at scale...

Open Happening

Bitpanda impersonation phishing campaign using fake MFA flow

Campaign
First: 24.02.2026 18:05 Last: 24.02.2026 18:05 Sources 1

About this happening: A **phishing campaign** impersonating **Bitpanda** is stealing **credentials** and **personal data** from cryptocurrency brokerage users, raising account-takeover risk. The operat...

Open Happening

Jinkusu's Starkiller phishing-as-a-service ecosystem commoditizes account takeover

Threat Actor Meta
First: 20.02.2026 22:00 Last: 20.02.2026 22:00 Sources 1

About this happening: A new phishing-as-a-service operation tied to **Jinkusu** is proxying real login pages through attacker infrastructure, making **MFA bypass** and account takeover easier for low-s...

Open Happening

Starkiller dark-web phishing platform scales credential theft as a SaaS-style criminal service

Threat Actor Meta
First: 19.02.2026 14:00 Last: 19.02.2026 14:00 Sources 1

About this happening: The **Starkiller** phishing platform has emerged as a **SaaS-style criminal service**, raising the scale and durability of credential theft operations. It is sold on the **dark we...

Open Happening

U.S. survey finds high phishing exposure and weak URL-checking habits

Target Trend
First: 25.01.2026 17:17 Last: 25.01.2026 17:17 Sources 1

About this happening: A **recent 2000-person U.S. survey** found that phishing exposure remains widespread and that many users still skip basic URL checks before clicking, increasing credential-theft r...

Open Happening

Timeline

  1. 08.10.2025 16:48 2 articles · 7mo ago

    Cofense discloses Tesla, Red Bull, and Ferrari job-lure phishing campaign

    Initial Disclosure

    Cofense tracks a job-themed spear-phishing campaign that impersonates Tesla, Red Bull, and Ferrari to target social media and marketing professionals with fake recruitment offers. The lure chain uses brand logos, a CAPTCHA page, counterfeit Glassdoor pages, and spoofed Facebook login flows to collect email credentials, Facebook login information, resumes, and other PII for future social-engineering abuse.

    Show sources
    Open in new tab