TTPwire Vol. 1 · MITRE ATT&CK·Tagged

← All stories

Malwarebytes Labs

Thousands of Facebook accounts stolen by phishing emails sent through Google

2 days ago · Read original ↗

ATT&CK techniques detected

4 predictions
T1566.003Spearphishing via Service
91%
"thousands of facebook accounts stolen by phishing emails sent through google researchers have uncovered a long - running phishing operation that abuses trusted google services to hijack tens of thousands of facebook accounts. the compromised facebook accounts are mainly business …"
T1566.002Spearphishing Link
44%
"thousands of facebook accounts stolen by phishing emails sent through google researchers have uncovered a long - running phishing operation that abuses trusted google services to hijack tens of thousands of facebook accounts. the compromised facebook accounts are mainly business …"
T1586.002Email Accounts
40%
"thousands of facebook accounts stolen by phishing emails sent through google researchers have uncovered a long - running phishing operation that abuses trusted google services to hijack tens of thousands of facebook accounts. the compromised facebook accounts are mainly business …"
T1566.002Spearphishing Link
35%
". to the average user, it looks like a perfectly normal notification, in these cases often about facebook policy violations, copyright complaints, or verification issues. researchers linked these emails to a vietnamese ‑ linked operation that has already compromised around 30, 00…"

Summary

In an ongoing operation, hackers are hijacking Facebook accounts using Google AppSheet to send phishing emails that pass security checks.