Meta is suing cybercriminals over phishing scams on Facebook, WhatsApp, Messenger

News
By Sead Fadilpašić
published

It wants to know who's behind the campaign

Meta
(Image credit: Facebook / Meta)

Facebook is suing a number of cybercriminals accused of targeting its users with phishing attacks.

In a press release, Meta said it had filed a federal lawsuit against unknown individuals creating fake login sites, impersonating Facebook, Messenger, Instagram and WhatsApp.

The company claims the malicious actors created almost 40,000 phishing sites so far. 

Meta phishing

"This phishing scheme involved the creation of more than 39,000 websites impersonating the login pages of Facebook, Messenger, Instagram and WhatsApp," Jessica Romero, Meta's Director of Platform Enforcement and Litigation, said in the announcement.

"On these websites, people were prompted to enter their usernames and passwords, which Defendants collected."

To create these phishing sites, the attackers used a relay service called Ngrok, which not only prevented cybersecurity solutions from cutting out the malicious traffic, but also hit the identity of the online hosting provider and the actual location of the phishing site.

The attack volume increased in March this year, Romero further said, adding that the company worked with the relay service to suspend “thousands” of URLs to the phishing websites. 

Facebook versus scammers

Under its previous Facebook guise, Meta has has been trying to fight back against scammers and impersonators quite vigorously for these past couple of years.

In March 2020, the company sued the domain name registrar Namecheap and the Whoisguiard proxy service for “registering domain names that aim to deceive people by pretending to be affiliated with Facebook apps," being used "for phishing, fraud and scams."

A year prior, the OnlineNIC domain name registrar, and the ID Shield privacy service were sued for allowing malicious actors to register lookalike domains. The same year Facebook also sued NSO Group for building and distributing a WhatsApp zero-day exploit.

In fact, NSO Group has been blacklisted by Facebook earlier this month and booted from the platform altogether. WhatsApp sued it in March 2020, but the company said it would fight the allegations. Still, when the court hearing came, the company’s representatives did not appear in the Northern District Court of California court. 

While WhatsApp has stated that it will “continue to pursue swift accountability from the courts in the U.S.”, the NSO Group has stated that “this default notice will not stand” and that WhatsApp has “prematurely moved for default before properly serving NSO with the lawsuit.”

Microsoft, Google, Cisco, and the Internet Association, which includes Amazon, Facebook, and Twitter, have all signed a brief, supporting WhatsApp’s stance on the matter.

Via Engadget

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.