Meta, formerly known as Facebook, revealed today that it has launched a federal lawsuit in California to find those who are operating phishing scams. These fraudsters were using phishing attacks to trick consumers into disclosing their Facebook, Messenger, Instagram, and WhatsApp login credentials on bogus login pages. Phishing assaults get victims to click on a link that looks to be managed by a trustworthy company; nevertheless, the website is malicious, and the bogus material on the site is meant to persuade a victim to input important information such as a password or email address.
The phishing effort, according to Meta, entailed the establishment of over 39,000 websites that imitated Facebook, Messenger, Instagram, and WhatsApp login screens. People were asked to submit their usernames and passwords on various websites, which the hackers obtained.
Cybercriminals utilized a relay service to divert internet traffic to phishing websites in a method that concealed their attack infrastructure, according to the social media giant in a blog post. They were able to keep their genuine location, identities, and even the names of their internet web hosting providers hidden as a result of this.
Meta’s director of platform enforcement and litigation, Jessica Romero said in a statement, “This lawsuit is one more step in our ongoing efforts to protect people’s safety and privacy, send a clear message to those trying to abuse our platform, and increase accountability of those who abuse technology.”
“As part of the attacks, Defendants used a relay service to redirect internet traffic to the phishing websites in a way that obscured their attack infrastructure. This enabled them to conceal the true location of the phishing websites, and the identities of their online hosting providers and the defendants,” she further said.
According to Romero, Meta began working with the relay provider in March to suspend hundreds of URLs hosting phishing websites. Meta intends to continue working with online service providers to combat phishing scams. It claims to cooperate with the security community, domain name registrars, and others to proactively stop cases of misuse. According to the business, phishing URLs are also shared so that other platforms can stop them.
Meanwhile, the complaint comes just days after Facebook reported that its platforms had been used to spy on or monitor as many as 50,000 individuals in 100 countries by seven surveillance-for-hire organizations located in China, Israel, India, and North Macedonia.
Meta said last month that it has blacklisted four harmful cyber groups in Afghanistan and Syria for targeting journalists, humanitarian organizations, and anti-regime armed forces.