The desire to get a verified blue tick on Facebook is turning into a costly mistake for thousands of users. A new and highly advanced scam is targeting people with promises of free verification, leading to large-scale account takeovers. Cybersecurity experts have raised serious concerns after discovering that more than 30,000 accounts have already been hacked through this scheme.

A Growing Threat Targeting High-Value Users

This scam is not limited to casual users. According to researchers, hackers are specifically targeting high-value accounts such as business owners, influencers, and advertisers—profiles that can generate revenue or have large audiences. The attackers lure victims by offering free blue tick verification, eliminating the need for paid subscriptions.

The operation has been tracked by cybersecurity firm Guard.io, which has named the campaign “Account Dumpling.” Investigators believe the scale of this operation is significant and expanding rapidly. Reports suggest that an organized group, possibly based in Vietnam, could be behind the attacks. These groups often steal accounts and later sell them on digital black markets for profit.

How Hackers Are Outsmarting Security Systems

One of the most alarming aspects of this scam is the use of trusted tools to deceive users. Hackers are reportedly exploiting Google AppSheet, a legitimate platform typically used for business automation. By leveraging its notification system, attackers send phishing emails that appear authentic and trustworthy.

Since these emails seem to originate from a reliable Google service, spam filters often fail to detect them. As a result, users are more likely to trust the message and click on the provided links. Additionally, hackers are using advanced techniques like invisible characters to bypass security detection systems, making the scam even harder to identify.

The Trick: Fear and Greed Combined

Cybercriminals are using a dual strategy to trap victims—fear and temptation. In some cases, users receive alarming messages claiming their account is at risk of deletion or has violated copyright policies. In other instances, they are promised a free blue tick without needing a paid Meta subscription.

Once the user clicks the link, they are redirected to a page that looks nearly identical to Facebook’s official login or verification page. Victims are asked to complete steps such as solving a CAPTCHA or logging in again. During this process, they unknowingly enter sensitive information, including login credentials and even two-factor authentication (2FA) codes.

The moment these details are submitted, hackers gain full control of the account. From there, they can misuse it, lock out the original owner, or sell it online.

Why This Scam Is So Dangerous

What makes this scam particularly dangerous is its professional execution. Unlike older phishing attempts filled with errors, these messages are carefully crafted to look legitimate. The use of trusted platforms and realistic interfaces significantly increases the chances of users falling victim.

Moreover, once an account is compromised, it can be used to target others, spreading the scam further and creating a chain reaction.

How to Protect Your Facebook Account

Cybersecurity experts strongly advise users to remain vigilant and follow basic safety practices:

• Avoid clicking on unknown or suspicious links, especially those promising account verification or urgent updates
• Always verify messages through Facebook’s official channels
• Never share login credentials or personal information on untrusted websites
• Be cautious of emails or notifications that appear unusually urgent or too good to be true
• Enable strong security settings, including two-factor authentication, but never share your 2FA codes

Stay Alert, Stay Safe

As cyber threats continue to evolve, scams like these highlight the importance of digital awareness. A simple mistake—like clicking on the wrong link—can lead to severe consequences, including loss of personal data and account access.

Users must remember that official verification on Facebook does not happen through random links or third-party messages. Staying cautious and informed is the best defense against such sophisticated cyber frauds.