Facebook phishing scam uses Google AppSheet to steal 30,000 accounts
Key takeaways
- The activity, codenamed Account Dumpling by Guardio, involves a scheme where stolen accounts are sold through an illicit storefront run by threat actors.
- This false urgency directs users to a fake web page designed to harvest credentials.
- Guardio identified four main attack clusters.
Why this matters: local context for readers following news across Pakistan and the region.
Add ARY News on Google. A newly discovered Vietnamese-linked operation has been observed using Google App Sheet as a phishing relay to distribute malicious emails aiming to compromise Facebook accounts.
The activity, codenamed Account Dumpling by Guardio, involves a scheme where stolen accounts are sold through an illicit storefront run by threat actors. Roughly 30,000 Facebook accounts have been hacked during this campaign.
Security researcher Shaked Chen described the campaign as a living operation with real-time operator panels, advanced evasion techniques, and a criminal-commercial loop that continuously feeds on stolen accounts, underscoring the need for ongoing vigilance.