Tel Aviv, Israel / New Delhi, India — May 4, 2026
A large-scale cyberattack leveraging trusted online platforms has compromised more than 30,000 user accounts globally, according to cybersecurity researchers, raising fresh concerns over phishing threats and platform misuse.
The attack, dubbed “AccountDumpling,” was uncovered by Guardio researcher Shaked Chen, who detailed how hackers exploited legitimate tools to bypass traditional security filters.
Abuse of Trusted Services Like Google AppSheet
Hackers reportedly used email addresses generated via Google AppSheet to send phishing messages that appeared credible and evaded spam detection systems.
Victims—primarily users of business accounts on platforms owned by Meta—were warned that their accounts were at risk of permanent deletion. In a panic, many users clicked on malicious links and unknowingly shared login credentials.
These stolen accounts were later listed for sale on underground marketplaces, highlighting the monetization chain behind such cyberattacks.
Four Key Phishing Techniques Identified
Researchers outlined four major tactics used in the campaign:
- Fake Support Pages: Phishing websites hosted on Netlify mimicked official help centers, asking for sensitive details such as phone numbers, birth dates, and government IDs.
- 2FA Code Theft: Pages hosted on Vercel tricked users into solving fake CAPTCHAs, capturing two-factor authentication (2FA) codes.
- Document-Based Scams: Fraudulent PDFs created via Canva and shared through Google Drive requested passwords and screenshots under the guise of verification.
- Job Offer Scams: Fake employment offers from major brands like WhatsApp, Apple, and Coca-Cola were used to lure victims into sharing personal data.
Links to Vietnam Emerge
Investigators found evidence linking the campaign to Vietnam. Metadata analysis of phishing documents revealed the name “PHẠM TÀI TÂN,” which was also associated with a digital marketing website.
The operation has impacted users across multiple countries, including India, the United States, Italy, Canada, and Australia.
Growing Risks in the AI and Digital Ecosystem
The incident highlights a growing trend where cybercriminals exploit trusted platforms and automation tools to enhance the credibility of scams.
Security experts warn that as digital ecosystems expand, attackers are increasingly leveraging legitimate infrastructure to scale operations and avoid detection.
What Users Should Do
Experts recommend the following precautions:
- Avoid clicking on links in unsolicited emails
- Verify account alerts directly through official websites
- Never share passwords or 2FA codes
- Enable advanced security features on business accounts
