A major cyber fraud campaign has compromised nearly 30,000 Facebook accounts through fake emails and phishing links, according to cybersecurity reports.

Researchers say the operation, allegedly linked to Vietnam-based hackers, used Google AppSheet as a “phishing relay” to send fake Meta support emails designed to trick users into handing over login credentials.

Cybersecurity firm Guardio, which tracked the campaign under the name “AccountDumpling,” said the stolen accounts were later resold through illegal online marketplaces operated by the same attackers.

Security experts described the operation as far more sophisticated than a typical phishing scam, involving live control panels, constant updates, advanced evasion techniques, and organized criminal infrastructure.

The attackers reportedly used fake warnings about account suspension, copyright violations, and Meta verification requests to create panic among users and force them into clicking malicious links.

Researchers warned that hackers are increasingly exploiting trusted platforms and cloud-based services to bypass spam filters and make fraudulent emails appear legitimate.

Cyber experts have urged users to avoid clicking suspicious links, enable two-factor authentication, and verify all account-related emails directly through official Meta platforms.

Analysts say the incident highlights the growing scale of global cybercrime networks targeting social media users, as stolen digital identities and verified accounts become increasingly valuable on underground markets.