30,000 Facebook accounts stolen via phishing using Google AppSheet

Colleagues, I’d like to draw attention in the cybersecurity field: a large-scale phishing campaign using Google AppSheet has been identified to distribute emails and steal Facebook accounts.
What happened:
- Guardio named the operation AccountDumpling: emails from noreply@appsheet.com redirected to fake pages harvesting logins, 2FA codes and documents; stolen accounts are sold.
- Attackers used Netlify, Vercel, Google Drive/PDF (Canva) and fake job offers; harvested data forwarded to Telegram.
- Estimate: about 30,000 victims across multiple countries; metadata indicates Vietnamese links.
Why it matters: attackers are leveraging trusted platforms as relays, increasing the risk of business-account compromise.
Have you encountered similar emails?
#cybersecurity #phishing #dataprotection #ThreatIntelligence


Latest comments
No comments yet.