A widespread phishing campaign has compromised nearly 30,000 Facebook accounts globally by exploiting trusted digital tools to deliver deceptive messages. The operation, identified as “Account Dumpling,” was uncovered by cybersecurity firm Guardio, where researcher Shaked Chen revealed how attackers manipulated reliable platforms to bypass security checks and gain user trust.
The attackers reportedly leveraged Google AppSheet’s official email system to distribute phishing emails that appeared authentic. By sending messages through a trusted service, the campaign successfully avoided spam filters and increased the chances of users believing the alerts.
The emails posed as Meta’s support team and warned users that their Facebook accounts faced permanent deletion. Under urgency, victims were redirected to malicious links, where they unknowingly entered login credentials, allowing attackers to take control of their accounts.
The campaign deployed multiple phishing strategies to gather sensitive information. Fraudulent Facebook Help Center pages were created to collect details such as date of birth, phone numbers and identity documents.
Attackers also introduced fake “security check” and “blue badge verification” pages featuring counterfeit CAPTCHA systems. These were designed to trick users into sharing 2-factor authentication codes. Additionally, phishing documents created via Google Drive and Canva were used to request passwords and screenshots under the guise of account verification.
Investigations revealed that hacked Facebook accounts and sensitive data were later sold through Telegram channels. The stolen information is believed to have been used for cyber fraud, identity theft and other illegal activities.
The campaign impacted users across India, the United States, Italy, Canada and Australia, highlighting its global reach. Investigators found links pointing to Vietnam, including metadata from Canva files containing the name “PHẠM TÀI TÂN.” Further tracing connected this name to a digital marketing website.
Cybersecurity experts warned that attackers are increasingly exploiting trusted platforms to make phishing attempts look legitimate. Users are advised to stay alert, verify suspicious links, use strong passwords and enable 2-factor authentication.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream LinkedIn | The Mainstream Facebook | The Mainstream Youtube | The Mainstream Twitter
About us:
The Mainstream is a premier platform delivering the latest updates and informed perspectives across the technology business and cyber landscape. Built on research-driven, thought leadership and original intellectual property, The Mainstream also curates summits & conferences that convene decision makers to explore how technology reshapes industries and leadership. With a growing presence in India and globally across the Middle East, Africa, ASEAN, the USA, the UK and Australia, The Mainstream carries a vision to bring the latest happenings and insights to 8.2 billion people and to place technology at the centre of conversation for leaders navigating the future.
