Cybercriminals are exploiting Google AppSheet, a legitimate Google service, to send phishing emails from @appsheet.com addresses. Because the messages really are sent by that service, they get through standard email security checks (SPF, DKIM, DMARC) and appear authentic.
The fraudulent emails claim a copyright violation, threaten to disable the victim’s Facebook account within 24 hours, and include a “Submit an Appeal” button. Clicking the button takes victims to a fake Facebook login page hosted on the reputable Vercel platform, which further enhances credibility.
Notably, the scheme deliberately returns a “wrong password” error on the first attempt, prompting victims to re-enter their credentials for verification. At that point, attackers harvest the login details and 2FA authentication codes, then immediately take over the account.
Experts warn that the danger goes further: hackers also steal the session token—the login session identifier—allowing them to maintain access even if the victim changes their password.
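For mail administrators, the traits described above can be turned into a triage rule. The following is an added example, not code from Bkav or Google; it treats a passing SPF/DKIM/DMARC result as information only and flags @appsheet.com mail that names Facebook together with pressure wording or a Vercel-hosted link. The `triage` function, the `.vercel.app` hostname suffix and both sample messages are assumptions made for the illustration.

```python
import email
import re
from email import policy
from urllib.parse import urlparse

SENDER_DOMAIN = "appsheet.com"   # sending domain named in the article
HOSTING_SUFFIX = ".vercel.app"   # assumption: default hostname suffix of Vercel deployments
BRAND = re.compile(r"\bfacebook\b", re.I)
PRESSURE = re.compile(r"copyright|appeal|24 hours", re.I)
URL = re.compile(r"https?://[^\s\"'<>]+", re.I)

def triage(raw: str) -> dict:
    """Return the signals that fired, plus a verdict, for one RFC 5322 message."""
    msg = email.message_from_string(raw, policy=policy.default)
    addrs = msg["From"].addresses if msg["From"] else ()
    sender = addrs[0].domain.lower() if addrs else ""
    part = msg.get_body(preferencelist=("plain", "html"))
    text = f"{msg['Subject'] or ''}\n{part.get_content() if part else ''}"
    hosts = {(urlparse(u).hostname or "").lower() for u in URL.findall(text)}
    auth = str(msg.get("Authentication-Results", "")).lower()
    s = {
        "appsheet_sender": sender == SENDER_DOMAIN,
        # Recorded only: a pass proves the platform sent it, not who wrote it.
        "auth_pass": all(f"{m}=pass" in auth for m in ("spf", "dkim", "dmarc")),
        "names_facebook": bool(BRAND.search(text)),
        "pressure_wording": bool(PRESSURE.search(text)),
        "vercel_link": any(h.endswith(HOSTING_SUFFIX) for h in hosts),
    }
    s["quarantine"] = (s["appsheet_sender"] and s["names_facebook"]
                       and (s["pressure_wording"] or s["vercel_link"]))
    return s

# Constructed sample messages (not captured from the campaign).
AUTH = ("Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=appsheet.com;"
        " dkim=pass header.d=appsheet.com; dmarc=pass header.from=appsheet.com\n")
LURE = AUTH + (
    "From: Support <noreply@appsheet.com>\n"
    "Subject: Copyright violation on your Facebook page\n\n"
    "Your account will be disabled within 24 hours.\n"
    "Submit an Appeal: https://constructed-sample.vercel.app/appeal\n")
ROUTINE = AUTH + (
    "From: AppSheet <noreply@appsheet.com>\n"
    "Subject: Inventory app: a row was updated\n\n"
    "Open the app: https://www.appsheet.com/start/constructed-id\n")

if __name__ == "__main__":
    for name, raw in (("lure", LURE), ("routine", ROUTINE)):
        print(name, triage(raw))
```

Both samples pass authentication, so only the content signals separate the lure from a routine AppSheet notification.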
To avoid losing a Facebook account to this sophisticated tactic, users are advised to do the following:
- Never click on appeal links in suspicious or unexpected emails.
- Always verify the website address before logging in.
- Enable additional security alerts on Facebook and other social media platforms.
- If you suspect compromise, change your password immediately and log out from all devices.
Bkav