You won't believe how 30,000 Facebook users got hacked in a massive phishing scam - and how you can protect yourself
30,000 Facebook accounts hacked via AppSheet phishing emails, exploiting Meta lures, leading to large-scale account theft and resale.
The hacking operation, codenamed AccountDumpling by Guardio, used a Google AppSheet as a phishing relay to distribute emails that compromised Facebook accounts. Approximately 30,000 Facebook accounts were hacked, with the attackers exploiting Meta lures to gain access. The operation is linked to Vietnamese hackers, who used the stolen accounts for large-scale resale. The attackers' use of Google AppSheet as a phishing relay allowed them to evade detection and distribute phishing emails on a massive scale.
This phishing scam directly affects Facebook users who may have had their accounts compromised, potentially leading to financial losses or identity theft. The average cost of identity theft per victim is around $1,200, making this a significant financial burden for those affected. Facebook users who have had their accounts hacked may also experience a loss of personal data and privacy. This scam highlights the importance of being cautious when clicking on links or providing personal information online.
The AccountDumpling operation is part of a larger trend of phishing scams targeting social media users. In recent years, there has been an increase in phishing attacks using legitimate services like Google AppSheet to distribute malicious emails. Insiders know that these types of attacks are often linked to organized crime groups, who use the stolen data to commit further crimes. The use of Vietnamese hackers in this operation also highlights the global nature of cybercrime.
In the coming weeks, Facebook and Google are expected to release a joint statement on the measures they will take to prevent similar phishing scams in the future. A report by Guardio is also expected to be released, providing further details on the AccountDumpling operation and its impact. Notably, the hackers behind the AccountDumpling operation were able to evade detection for months by using a technique called "domain name system tunneling", which allowed them to hide their malicious activity from security software.
You won't believe the shocking change Google just made to Chrome updates - and how it affects YOU
You won't believe which beloved games might be coming to PC next, but there's a catch that could change the gaming landscape forever
Hackers just hijacked over 400 Linux packages to steal your data - is your computer at risk?
Nintendo's shocking loss in a 2-year battle against Palworld makers: what does this mean for the future of gaming?
You won't believe what's really inside Trump's phone - it's not what you think!
You Won't Believe What Apple Just Said About Siri's Future