Watch out, SMBs and MSPs: cybercriminals are pulling off a slick phishing scam using fake Calendly invites that masquerade as recruiters from big names like Unilever, Disney, and Uber to snag your Google Workspace or Facebook ad manager credentials. These professionally crafted lures, likely whipped up with AI, lead victims to bogus scheduling pages that deploy Adversary-in-the-Middle attacks to bypass 2FA and steal login sessions, giving attackers a golden ticket to hijack ads for malware drops or targeted “watering-hole” assaults. Once inside, they can geo-target victims or resell access on the dark web, turning your marketing tools into profit machines for their shady operations. While this isn’t the first rodeo for ad account heists, the precision here means small businesses need to get savvy—use hardware security keys, double-check URLs, and drag pop-ups to the browser edge to spot fakes, because letting IAM slip-ups slide could tank your whole operation.
You May Also Enjoy
Google’s and OpenAI’s Chatbots Can Strip Women in Photos Down to Bikinis
Google’s Gemini and OpenAI’s ChatGPT chatbots, despite their built-in guardrails, are being exploited by shady users to whip up deepfake images that strip fu...
Baker University says 2024 data breach impacts 53,000 people
Baker University’s recent data breach, stemming from a December 2024 intrusion, exposed sensitive info like Social Security numbers, financial details, and h...
Best home automation systems 2025: As a smart home reviewer I rounded up the top ones
Diving into the best home automation systems for 2025, it’s all about balancing tech smarts with your wallet—think startup costs for the basics like a $50-$2...
Coupang breach affecting 33.7 million users raises data protection questions
South Korea’s e-commerce giant Coupang just fumbled a massive data breach, exposing the personal info of 33