Illustration by Alex Castro / The Verge
Meta is taking legal action against the bad actors who allegedly impersonated Facebook, Messenger, WhatsApp, and Instagram to conduct a phishing scam. The company claims that since 2019, the defendants created over 39,000 websites in an attempt to replicate Metaâs services, subsequently deceiving users and collecting their login information.
In the post on its blog, Meta explains that the defendants used a relay service, Ngrok, to send internet traffic to the phony login pages they created, all while concealing their identity and location. Those who clicked the phishing link were brought to a login page that resembled Facebook, Instagram, Messenger, or WhatsApp. When the user attempted to log in, defendants would collect their victimsâ usernames and passwords.
Meta noticed that these attacks started ramping up in March of this year and worked with Ngrok to suspend the URLs that the bad actors were using. A copy of the legal complaint obtained by The Verge shows that Metaâs lawsuit doesnât just concern phishing attacks â it also raises an issue with copyright infringement. The defendants allegedly used the companyâs trademarked logos and names on their fake login pages to mislead users.
âBy creating and disseminating URLs for the Phishing Websites, Defendants falsely represented themselves to be Facebook, Messenger, Instagram, or WhatsApp, without Plaintiffsâ authorization,â the complaint reads. âPlaintiffs were adversely affected by Defendantsâ phishing scheme and suffered, without limitation, damage to their brands and reputations, harm to their users.â
In 2019, Instagram introduced a tool to help combat phishing attacks, which lets you verify that the emails you receive are actually from Instagram. Metaâs brands arenât the only high-profile companies affected by these scams â in October, Google reported a large-scale phishing campaign that attempted to steal creatorsâ login cookies on YouTube, gaining access to their username and password as a result.
âWe proactively block and report instances of abuse to the hosting and security community, domain name registrars, privacy/proxy services, and others,â wrote Jessica Romero, Metaâs director of platform enforcement and litigation in the companyâs blog post. âAnd Meta blocks and shares phishing URLs so other platforms can also block them.â