Cybercriminals take advantage of Google AppSheet (a legitimate Google service) to send phishing emails from @appsheet.com addresses, easily bypassing security checks (SPF, DKIM, DMARC) and making the emails look real.
The fake email contains a copyright infringement notice, threatening to block Facebook accounts within 24 hours, and includes a "Submit an Appeal" button. When clicked, the victim is taken to a fake Facebook login page hosted on the reputable Vercel platform, further increasing its credibility.

Pay special attention to phishing emails from @appsheet.com carrying a "Facebook Lock Warning".
What's more, the fake page is hosted on Vercel, a reputable platform, adding credibility to the entire scam.
Here, if the user enters their login information and two-factor authentication (2FA) code, all this data will be sent directly to the attacker.
Notably, the fake page also "reports an incorrect password" on the first attempt so that the victim re-enters the information, which verifies it. At that point, the hacker collects all login information and 2FA codes and immediately takes over access.
Experts say the danger is that hackers can also steal session tokens (the tokens that identify a login session), which lets them maintain access even after the user has changed the password.
To avoid losing your Facebook account to this sophisticated trick, users are advised to:
- Never click on appeal links in unfamiliar emails.
- Always double-check the website address before logging in.
- Enable additional security alerts on Facebook and other social media platforms.
- If you suspect something is wrong, change your password and choose to log out of all devices.
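A mail-filter heuristic for the lure described above, added here as an example and not taken from the original article: it flags a Facebook-themed message whose sender or links fall outside Facebook's own domains, even when SPF, DKIM and DMARC all pass. The domain lists, the `host_in` and `assess` names, and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: domains treated as legitimate for the Facebook brand.
BRAND_DOMAINS = {"facebook.com", "facebookmail.com", "fb.com", "meta.com"}
# Assumption: shared sending services whose SPF/DKIM/DMARC pass says nothing
# about who wrote the message (the article names appsheet.com).
SHARED_SENDERS = {"appsheet.com"}
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)

def host_in(host, domains):
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

def assess(raw):
    """Return the reasons a raw message matches the lure described above."""
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    body = msg.get_payload() if not msg.is_multipart() else "".join(
        p.get_payload() for p in msg.walk() if p.get_content_maintype() == "text")
    text = f"{msg.get('Subject', '')} {body}".lower()
    reasons = []
    if not re.search(r"\bfacebook\b", text):
        return reasons  # not a Facebook-themed message, nothing to compare
    if not host_in(sender, BRAND_DOMAINS):
        reasons.append(f"Facebook notice sent from {sender or 'unknown'}")
    if host_in(sender, SHARED_SENDERS) and "dmarc=pass" in msg.get("Authentication-Results", "").lower():
        reasons.append("authentication passes only for the shared sending service")
    for url in URL_RE.findall(body):
        host = urlparse(url).hostname
        if not host_in(host, BRAND_DOMAINS):  # suffix match rejects look-alike hosts
            reasons.append(f"link leaves Facebook: {host}")
    return reasons

# Constructed sample message (not taken from the campaign).
SAMPLE = """\
From: Support <noreply@appsheet.com>
Subject: Copyright infringement notice
Authentication-Results: mx.example; spf=pass; dkim=pass; dmarc=pass

Your Facebook account will be blocked within 24 hours.
Submit an Appeal: https://constructed-sample.vercel.app/appeal
"""

if __name__ == "__main__":
    for reason in assess(SAMPLE):
        print(reason)
```

A passing DMARC result is treated here as proof of the sending service only, so the decision rests on the mismatch between the claimed brand and the sender and link domains.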
Source: https://khoahocdoisong.vn/chieu-moi-hack-facebook-bat-chap-ma-bao-mat-2-lop-post1555128.html





