Meta Sues Threat Actors Responsible for the Phishing Scams Ran on Its Platforms
Over 39,000 Phony Websites Posing as Facebook, Messenger, WhatsApp, and Instagram Were Created by the Scammers.
The Phishing Campaign
The scammers responsible for these phishing operations used roughly 39,000 phishing pages that would mimic the four platforms’ login pages.
The phishing scams were meant to trick people into sharing their login credentials on the fake login pages for popular platforms.
Jessica Romero, Meta’s Director of Platform Enforcement and Litigation declared:
This phishing scheme involved the creation of more than 39,000 websites impersonating the login pages of Facebook, Messenger, Instagram, and WhatsApp. On these websites, people were prompted to enter their usernames and passwords, which Defendants collected.
As part of the attacks, threat actors utilized a relay service to reroute internet traffic to phishing sites, hiding their attack infrastructure. This action allowed them to hide the actual location of the phishing pages, as well as the identities of their web hosting providers and the defendants.
When the number of attacks increased in March 2021, Facebook immediately started collaborating with the relay service used by the phishing operation to eliminate thousands of URLs used in the campaign.
We proactively block and report instances of abuse to the hosting and security community, domain name registrars, privacy/proxy services, and others. And Meta blocks and shares phishing URLs so other platforms can also block them.
Meta Took Legal Action Against Cybercriminals Before
This action is the latest in a series of lawsuits filed by the popular platform against cybercriminals who target its users and other malicious actors who use Facebook for malicious reasons.
According to BleepingComputer, in March 2020, Facebook sued domain name registrar Namecheap and its Whoisguard proxy service “for registering domain names that aim to deceive people by pretending to be affiliated with Facebook apps,” which were regularly used “for phishing, fraud, and scams.”
Meta also sued domain registrar OnlineNIC and its ID Shield privacy service in October 2019 for enabling the registration of copycat domains utilized in fraudulent operations.
Last week, Meta published a report named “Threat Report on the Surveillance-for-Hire Industry”, where it announced that it banned six alleged entities and a Chinese law enforcement supplier that provided services on surveillance-for-hire targeting 50 K people.