30,000 Facebook Accounts Compromised in Google AppSheet Phishing Scheme

30,000 Facebook Accounts Compromised in Google AppSheet Phishing Scheme

First seen 2 May 2026, 06:09 UTC ThehackernewsCybersecuritynewsGbhackersGround.NewsScworld+8 85% similarity 68.0

Article Content

Browse articles
ThreatCluster

A Vietnamese-linked cyber operation, codenamed AccountDumpling, has compromised around 30,000 Facebook accounts through a sophisticated phishing campaign. The attackers exploited Google AppSheet to send fully authenticated phishing emails, bypassing traditional email security measures. This method allowed them to harvest user credentials and identity documents effectively. The stolen accounts are being sold on an illicit marketplace operated by the threat actors. Guardio Labs discovered this operation, highlighting its global impact. The campaign also utilizes platforms like Netlify and Telegram to enhance its reach and effectiveness. Currently, there are no specific patches or CVEs mentioned to mitigate this threat. Organizations are advised to enhance their email security protocols and user education to combat such phishing attempts.

Key Points: • 30,000 Facebook accounts compromised via a phishing campaign using Google AppSheet. • Attackers bypassed email security by sending authenticated phishing emails. • Stolen accounts are being sold on an illicit marketplace run by the threat actors.

ThreatCluster AI

Timeline

2026-05-01
The phishing campaign was reported by Guardio Labs.
2026-05-02
Details of the operation published across multiple cybersecurity news outlets.

Community

Browse all →