Meta has filed a federal lawsuit against scammers who allegedly misrepresented Facebook, Messenger, WhatsApp, and Instagram in order to conduct a phishing scam. According to the company, the defendants have created over 39,000 websites in an attempt to replicate Meta’s services, deceiving users and collecting their login information since 2019.
People were asked to enter their usernames and passwords on these websites, which Defendants collected.
Phishing poses a serious threat to millions of Internet users. These attacks entice victims to visit a website that appears to be run by a reputable entity, such as a bank, a merchant, or another service.
The website, on the other hand, is a deception, a forgery, and the site’s forgery is intended to persuade a victim to enter sensitive information, such as a password or email address.
The defendants used a relay service, Ngrok, to send internet traffic to the totally fake login pages they created, all while trying to conceal their identity and location, according to Meta’s blog post. Those who clicked the phishing link were taken to a login page that looked like it came from Facebook, Instagram, Messenger, or WhatsApp. When the user attempted to log in, the defendants would collect the usernames and passwords of their victims.
Instagram introduced a tool in 2019 to help combat phishing attacks, which allows you to verify that the emails you receive are indeed from Instagram. Meta’s brands aren’t the only well-known companies that have fallen victim to these scams.
“We proactively block and report instances of abuse to the hosting and security community, domain name registrars, privacy/proxy services, and others,” Meta’s director of platform enforcement and litigation Jessica Romero wrote in the company’s blog post. “And Meta blocks and shares phishing URLs so that other platforms can detect them.”