You won't believe how 30,000 Facebook users got hacked in a massive phishing scam - and how you can protect yourself
30,000 Facebook accounts hacked via AppSheet phishing emails, exploiting Meta lures, leading to large-scale account theft and resale.
The hacking operation, codenamed AccountDumpling by Guardio, used a Google AppSheet as a phishing relay to distribute emails that compromised Facebook accounts. Approximately 30,000 Facebook accounts were hacked, with the attackers exploiting Meta lures to gain access. The operation is linked to Vietnamese hackers, who used the stolen accounts for large-scale resale. The attackers' use of Google AppSheet as a phishing relay allowed them to evade detection and distribute phishing emails on a massive scale.
This phishing scam directly affects Facebook users who may have had their accounts compromised, potentially leading to financial losses or identity theft. The average cost of identity theft per victim is around $1,200, making this a significant financial burden for those affected. Facebook users who have had their accounts hacked may also experience a loss of personal data and privacy. This scam highlights the importance of being cautious when clicking on links or providing personal information online.
The AccountDumpling operation is part of a larger trend of phishing scams targeting social media users. In recent years, there has been an increase in phishing attacks using legitimate services like Google AppSheet to distribute malicious emails. Insiders know that these types of attacks are often linked to organized crime groups, who use the stolen data to commit further crimes. The use of Vietnamese hackers in this operation also highlights the global nature of cybercrime.
In the coming weeks, Facebook and Google are expected to release a joint statement on the measures they will take to prevent similar phishing scams in the future. A report by Guardio is also expected to be released, providing further details on the AccountDumpling operation and its impact. Notably, the hackers behind the AccountDumpling operation were able to evade detection for months by using a technique called "domain name system tunneling", which allowed them to hide their malicious activity from security software.
You won't believe which AI voice assistant is now smarter than Siri and can control your car - it's not what you think!
You're being watched: the shocking truth about government surveillance and how it affects you
You won't believe the devastating Linux flaw that's putting millions of servers at risk - and how it could affect your daily life
You won't believe the ancient tech Google is putting in its new smartphones
AI systems are being programmed with bizarre and mysterious rules - what does it mean when a major AI company tells its machines to 'never talk about goblins'?
Microsoft's Unexpected Move: Why You Might Need to Re-login to Your Outlook Account