Meta Takes Legal Action Against Massive Phishing Scam

Published · Dec 22, 2021

On December 20, 2021, Meta filed a lawsuit against the actors that are allegedly behind a large phishing attack. The hackers created over 39,000 websites impersonating Meta’s platforms to lure visitors into entering their login credentials.

Phishing is a type of social engineering that hackers deploy to deceive users to click on a malicious link. They usually achieve this by impersonating a trusted organization and crafting a convincing message. The aim is to lure people into providing sensitive information, like bank details, passwords, etc.

The phishing scam involving phony sites resembling the login pages of Facebook, Instagram, Messenger, and WhatsApp started in 2019. Since then, the hackers have created around 39,000 websites.

According to Meta, they used the relay service Ngrok to direct internet traffic to the malicious pages. The two companies now work together to fight this.

In March 2021, the number of attacks grew, and Meta increased its efforts to suspend the phishing sites. It collaborates with other services to identify and block malicious URLs. It also reports the instances of abuse so other services can block them too.

The lawsuit is another attempt to fight the bad actors. According to The Verge, the legal complaint also raises the issue of copyright infringement.

Since the hackers use the name and fake the logos of the company’s platforms, this damages their brands.

As such, the legal complaint is also an effort to protect Meta’s reputation.

Threats to Personal Online Security

Phishing attacks aren’t the only way to obtain data about individuals.

A lot of personal information is available in the databases of background checks services and people search sites. However, this is data that is already publicly available online.

People typically use it to find someone or do a background check on а date and not for malicious purposes. In addition, those concerned with their privacy could remove themselves from the internet.

In contrast, the information malicious actors collect through scams could be used to do a lot of harm. To safeguard themselves from hacking attacks, apart from being alert, people could use ID theft protection services.

Cyberattacks are more common than ever. Around 1.5 million phishing sites are created each month.

Meta’s lawsuit is an attempt to fight this threat on a larger scale and, of course, protect its users and reputation.

Aleksandra Yosifova
Aleksandra Yosifova

With an eye for research, Aleksandra is determined to always get to the bottom of things. If there’s a glitch in the system, she’ll find it and make sure you know about it.