Meta Sues Threat Actors Responsible for the Phishing Scams Ran on Its Platforms

Yesterday, Meta, formerly known as Facebook, confirmed that it had pressed charges against cybercriminals who targeted its users with phishing scams on Facebook, Messenger, Instagram, and WhatsApp.

The Phishing Campaign

The scammers responsible for these phishing operations used roughly 39,000 phishing pages that would mimic the four platforms’ login pages.

The phishing scams were meant to trick people into sharing their login credentials on the fake login pages for popular platforms.

Jessica Romero, Meta’s Director of Platform Enforcement and Litigation declared:

This phishing scheme involved the creation of more than 39,000 websites impersonating the login pages of Facebook, Messenger, Instagram, and WhatsApp. On these websites, people were prompted to enter their usernames and passwords, which Defendants collected.

As part of the attacks, threat actors utilized a relay service to reroute internet traffic to phishing sites, hiding their attack infrastructure. This action allowed them to hide the actual location of the phishing pages, as well as the identities of their web hosting providers and the defendants.

When the number of attacks increased in March 2021, Facebook immediately started collaborating with the relay service used by the phishing operation to eliminate thousands of URLs used in the campaign.

We proactively block and

Read More: