Facebook is suing a number of phishers accused of posing as its users and tricking them into giving out their passwords. Meta announced the filing of a federal lawsuit against unknown individuals who were creating phony login sites, impersonating Facebook, Messenger, Instagram, and WhatsApp. According to the firm, the fraudulent operators have already established nearly 40,000 phony websites.
The scam generated more than 39,000 phony Facebook, Messenger, Instagram, and WhatsApp login sites. “This phishing campaign includes the development of over 39,000 websites impersonating Facebook, Messenger, Instagram, and WhatsApp login pages,” Jessica Romero from Meta added in the statement.
“On these websites, people were prompted to enter their usernames and passwords, which Defendants collected.”
The attackers created these phishing sites using a relay service called Ngrok, which not only prevented cybersecurity solutions from cutting off the malware traffic, but also revealed the identity of the online hosting provider and the real location of the phishing site. In March 2018, Romero said that there was an increase in attack volume, and that the business worked with Ngrok to delete “thousands” of URLs associated with fraudulent websites.
Scammers vs. Facebook
For the last two years, Meta has been fighting back against scammers and impersonators using its former Facebook identity. In March 2020, the firm sued domain name registrar Namecheap and Whoisguard proxy service for “registering domain names that aim to deceive people by pretending to be connected with Facebook applications,” as well as “for phishing, fraud, and scams.”
In May 2018, the OnlineNIC domain name registrar and ID Shield privacy service were sued for allowing attackers to register lookalike domains. The same year, Facebook sued NSO Group over the development and distribution of a WhatsApp zero-day exploit. In April 2020, WhatsApp sued it in court, but according to the company, it would defend itself. Nonetheless, when the case went to court hearing later that month, representatives from the business did not attend in the Northern District Court of California courtroom.
WhatsApp has stated that it will “try to obtain quick action from the courts in the United States.” The NSO Group, on the other hand, said that “this default notice will not stand” and that WhatsApp had “prematurely sought default before properly serving NSO with the complaint.”
Microsoft, Google, Cisco, and the Internet Association (which includes Amazon, Facebook, and Twitter) have all signed a joint statement in support of WhatsApp’s position on the issue.
Subtly charming pop culture geek. Amateur analyst. Freelance tv buff. Coffee lover
