Security researchers have identified a massive phishing campaign targeting over 30,000 Facebook accounts. What makes this campaign particularly dangerous is the attackers' creative use of a legitimate, trusted platform: Google AppSheet.
How the Attack Works
Instead of using traditional phishing sites that are easily flagged by browsers and security software, threat actors leveraged Google AppSheet — a legitimate tool for building business applications — to host their malicious forms.
By creating fake "Facebook Support" applications, the attackers were able to bypass standard security filters. These apps masqueraded as official tools for account verification, demanding that users input their credentials and, in some cases, even upload personal identification documents.
The Danger of "Trusted" Platforms
This campaign highlights a growing trend in cybercrime: "Living off the Land" tactics, where attackers exploit trusted services to conduct malicious activity. Because Google AppSheet is a reputable platform, the malicious links were often seen as safe, leading to a significantly higher click-through rate.
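The reputation gap described above can be narrowed by comparing the brand a message claims to come from with the host its link actually points to. The following is an added example, not code from the researchers or any vendor; the platform host list, brand map, phrase list and sample messages are constructed assumptions.

```python
from urllib.parse import urlsplit

# Assumptions for illustration: hosts that serve user-built apps under a
# reputable name (apps.google.com is the one the article names), the domains a
# brand really uses, and phrases typical of credential or ID requests.
APP_PLATFORM_HOSTS = {"apps.google.com", "appsheet.com"}
BRAND_DOMAINS = {"facebook": {"facebook.com", "meta.com"}}
SENSITIVE_ASKS = ("password", "verify your account", "upload your id")


def host_in(host, domains):
    """True if host equals, or is a subdomain of, one of the domains."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)


def assess(message_text, url):
    """Return (verdict, reasons) for one link found in one message."""
    host = urlsplit(url).hostname or ""
    text = message_text.lower()
    reasons = []
    # A message that names a brand should link to that brand's own domains.
    mismatch = [b for b, doms in BRAND_DOMAINS.items()
                if b in text and not host_in(host, doms)]
    for brand in mismatch:
        reasons.append(f"claims {brand} but links to {host}")
    # Domain reputation says nothing about who built the app behind the link.
    if mismatch and host_in(host, APP_PLATFORM_HOSTS):
        reasons.append("link is a user-built app on a shared platform")
    asks = any(phrase in text for phrase in SENSITIVE_ASKS)
    if asks:
        reasons.append("asks for credentials or identity documents")
    if mismatch and asks:
        return "suspicious", reasons
    return ("review" if mismatch else "ok"), reasons


# Constructed sample messages; the URL path is a placeholder.
SAMPLES = [
    ("Facebook Support: verify your account and upload your ID",
     "https://apps.google.com/placeholder-app"),
    ("Facebook: we noticed a new login", "https://www.facebook.com/security"),
    ("Team expense tracker is ready", "https://apps.google.com/placeholder-app"),
]

if __name__ == "__main__":
    for text, url in SAMPLES:
        print(assess(text, url)[0], "|", text)
```

The check keys on the mismatch between claimed brand and link host rather than on the host's reputation, so ordinary apps on the same platform are not flagged.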
What You Should Do
1. Be Skeptical of Links: Even if a link appears to come from a reputable domain like apps.google.com, verify the source independently.
2. Never Upload Sensitive Documents: Official support platforms will rarely ask you to upload sensitive personal identification documents through third-party apps.
3. Enable 2FA: Always use multi-factor authentication on your social media accounts.