Facebook Users Targeted by Phishing Scam Promising Free Blue Badge Verification
A recent security report has highlighted a phishing scam targeting Facebook users with emails promising a free blue verification badge. The campaign, identified as 'AccountDumpling,' is linked to a Vietnamese criminal operation and has reportedly compromised 30,000 accounts. The attackers use emails to lure Facebook users, page admins, and operators into providing sensitive information. These emails, delivered through Google's AppSheet platform, exploit the platform's notification mechanism to send phishing emails at scale. The emails promise a free blue badge without the need for a Meta Verified subscription, leading recipients through fake CAPTCHA and contact detail forms before requesting passwords and two-factor authentication codes. The attackers have employed sophisticated evasion techniques, including Unicode invisible characters and Cyrillic homoglyphs, to bypass detection. 
