Close Menu
Most Read

Vietnamese threat group leverages AppSheet for Facebook phishing

Staff WriterBy No Comments2 Mins Read4 Views

Quick Takeaways

  1. Vietnamese threat actors are using Google AppSheet to send sophisticated phishing emails impersonating Meta Support, bypassing spam filters and targeting Facebook Business account owners.
  2. The operation, AccountDumpling, has compromised around 30,000 Facebook accounts, stealing credentials, 2FA codes, personal data, and government IDs for resale.
  3. Evidence links the campaign to individual PHẠM TÀI TÂN, with stolen accounts sold on illicit markets, showcasing the misuse of trusted platforms for malicious activities.

Threat Overview, Techniques, and Targets

A cyber threat operation linked to Vietnamese actors has been identified. This operation uses Google AppSheet to send fake emails pretending to be Meta Support. The goal is to steal Facebook account information. This campaign is called AccountDumpling by Guardio. It has compromised around 30,000 Facebook accounts. The attackers target Facebook Business account owners. They send emails that seem legitimate because they come from a real Google AppSheet address. The emails create a sense of urgency. They may say an account is disabled or threaten copyright issues. They also include fake job offers. Victims are directed to fake websites that ask for credentials, two-factor codes, personal details, and government IDs. The stolen data is often shared through Telegram channels. Evidence suggests that a Vietnamese person named PHẠM TÀI TÂN is behind this operation.

Impact, Security Implications, and Remediation Guidance

This operation can cause serious harm. Victims may lose control of their Facebook accounts or have their personal information stolen. Because the emails use trusted platforms like Google AppSheet, they can get past spam filters easily. Attackers can later sell stolen accounts on illegal marketplaces. This increases the risk of further fraud and data theft. Organizations should be aware of these tactics. To stay protected, users should be cautious about clicking links in suspicious emails. It is important to verify the sender before providing any information. If you suspect you are targeted, seek security advice from the relevant vendor or authority. Remediation steps should be obtained from trusted sources to ensure proper response.

Continue Your Tech Journey

Stay informed on the revolutionary breakthroughs in Quantum Computing research.

Stay inspired by the vast knowledge available on Wikipedia.

ThreatIntel-V1

Share.
Avatar photo

John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.

Related Posts

Comments are closed.