30,000 Facebook Accounts Hacked in Google AppSheet Phishing Campaign

by Emma Davis
4 days ago

A Google AppSheet phishing wave dubbed AccountDumpling hijacked roughly 30,000 Facebook accounts, many tied to business pages and ad access.

A Vietnamese-linked phishing operation dubbed AccountDumpling abused Google AppSheet to send Meta-themed emails from [email protected], helping the attackers compromise roughly 30,000 Facebook accounts and resell access through underground channels.[1][2]

Satirical cartoon showing a phishing clerk abusing a trusted mail system to steal Facebook account access
The envelopes looked official enough. The problem started when the “support desk” asked for the whole ring of keys.

The campaign focused on Facebook Business users with urgent notices about appeals, copyright complaints, verification reviews, and page disablement. According to Guardio, victims were pushed to phishing pages hosted on services such as Netlify and Vercel, where credentials, contact details, government ID images, and even 2FA codes were harvested and forwarded to attacker-controlled Telegram channels.[1][2]

What to do if you received one of these emails

If an email claims your page will be deleted unless you “appeal” immediately, do not use the button inside the message. Open Facebook directly, check Business settings from the official site, and reset your password, sessions, and two-factor settings if you already submitted anything. It is also worth reviewing our guides on what to do after a hacked Facebook account and common phishing scam patterns.[1][3]

Guardio said the victim records it reviewed were concentrated in the U.S., Italy, Canada, the Philippines, India, Spain, Australia, the U.K., Brazil, and Mexico, which suggests this was not a tiny test campaign but a broad attempt to monetize compromised Facebook access at scale.[1]

References

  1. Guardio Labs, “AccountDumpling” – The Google-Sent Phishing Wave Hijacking 30k Facebook Accounts, published April 29, 2026.
  2. The Hacker News, 30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign, published May 1, 2026.
  3. HowToFix.Guide, Hacked Facebook account and Phishing Scams, accessed May 1, 2026.

Related: Meta later disclosed another account-recovery failure where attackers abused an AI-assisted support tool; see Meta AI Support Hack Exposed 20,225 Instagram Accounts.

Related: Google later described a larger AI-assisted smishing operation, Outsider Enterprise, where fake text alerts and phishing pages were produced at scale to steal credentials and payment data.

About the author

Emma Davis

Content editor and security writer focused on making malware-removal and scam-prevention guides easier to understand. Emma reviews structure, clarity, and source consistency before articles are published.

View all posts

Leave a Comment