Meta is hunting for cybercriminals who commit phishing scams by impersonating Facebook, Messenger, WhatsApp, and Instagram.
This cybercriminal, according to Meta, has been in action since 2019 and created more than 39 thousand sites that imitate various Meta services, and often successfully deceive their victims.
In his blog post, the Facebook parent explained that the criminals used a relay service called Ngrok to divert internet traffic to a fake site they created, while of course masking their true identity and location.
Victims who click on the phishing link will be taken to a login page similar to Facebook, Instagram, Messenger, or WhatsApp. When the victim tries to login, the criminal will receive his username and password.
This crime began to spread widely in March 2021, and Meta claimed to have worked with Ngrok to remove the URL used by the perpetrator. For that Meta then took legal steps to stop the crime.
In its lawsuit, Meta is not only concerned about the phishing attacks carried out, but also the issue of copyright infringement, because the perpetrators also use the logos of various Meta services whose copyrights have been registered, as quoted by us from The Verge, Tuesday (21/12/2021).
"By creating and distributing URLs to phishing sites, the perpetrators also claim to be representatives of Facebook, Messenger, Instagram, or WhatsApp, without the owner's permission," Meta wrote in the lawsuit.
"Plaintiffs are affected and suffer losses from this phishing scheme, which damages their name and reputation, and is harmful to their users," he continued.
Meta is not the only company affected by various phishing acts. In October, Google also reported a large-scale phishing campaign that tried to steal login cookies from content creators, which leaked their usernames and passwords.