Cybercriminals are abusing Google AppSheet, a legitimate Google service, to send phishing emails from @appsheet.com addresses. Because the messages really are sent through AppSheet, they easily pass security checks (SPF, DKIM, DMARC) and look real.
The fake email contains a copyright infringement notice, threatening to block Facebook accounts within 24 hours, and includes a "Submit an Appeal" button. When clicked, the victim is taken to a fake Facebook login page hosted on the reputable Vercel platform, further increasing its credibility.

Be especially careful with "Facebook lock warning" phishing emails from @appsheet.com.
What's more, the fake page is hosted on Vercel, a reputable platform, adding credibility to the entire scam.
Here, if the user enters their login information and two-factor authentication (2FA) code, all this data will be sent directly to the attacker.
In particular, the page also reports an "incorrect password" on the first attempt so that the victim re-enters the information and thereby verifies it. By then the hacker has collected all the login information and the 2FA code, and immediately gains access.
Experts say the danger is that hackers can also steal session tokens, helping to maintain access even after the user has changed their password.
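A mail-triage check for the pattern described above, written here as an added example (it is not from the source article). The host allowlist, the lure keywords and the sample message are assumptions constructed for illustration. The point it shows is that a DMARC pass on an @appsheet.com message says nothing about where its links lead.

```python
import email
import re
from email import policy
from urllib.parse import urlparse

# Assumed allowlist of hosts where a real Facebook login or appeal would live.
LEGIT_HOSTS = ("facebook.com", "fb.com", "meta.com")
LURE_WORDS = re.compile(r"facebook|copyright", re.I)
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)

# Constructed sample message (addresses, hosts and URL are made up).
SAMPLE = """\
From: Support <noreply@appsheet.com>
Subject: Facebook copyright infringement notice
Authentication-Results: mx.example.com; spf=pass; dkim=pass; dmarc=pass
Content-Type: text/plain; charset="utf-8"

Your account will be blocked within 24 hours.
Submit an Appeal: https://appeal-example.vercel.app/login
"""

def host_is_legit(host):
    """True only for an allowlisted domain or one of its subdomains."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in LEGIT_HOSTS)

def triage(raw_message):
    """Return the reasons a message matches the lure described above."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    addrs = msg["From"].addresses if msg["From"] else ()
    sender = addrs[0].domain.lower() if addrs else ""
    body = msg.get_body(preferencelist=("plain", "html"))
    text = body.get_content() if body else ""
    if sender != "appsheet.com" and not sender.endswith(".appsheet.com"):
        return []
    if not LURE_WORDS.search(f"{msg['Subject'] or ''} {text}"):
        return []
    reasons = ["appsheet.com sender using Facebook/copyright wording"]
    if "dmarc=pass" in str(msg["Authentication-Results"] or "").lower():
        reasons.append("DMARC pass does not clear this mail")
    for url in URL_RE.findall(text):
        host = urlparse(url).hostname
        if not host_is_legit(host):
            reasons.append(f"link leaves Facebook domains: {host}")
    return reasons

if __name__ == "__main__":
    for reason in triage(SAMPLE):
        print(reason)
```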
To avoid losing your Facebook account to this sophisticated trick, users are advised to:
- Never click on appeal links in unfamiliar emails.
- Always double-check the website address before logging in.
- Enable additional security alerts on Facebook and social media platforms.
- If you suspect anything, change your password and choose to log out of all devices.
Source: https://khoahocdoisong.vn/chieu-moi-hack-facebook-bat-chap-ma-bao-mat-2-lop-post1555128.html