Meta Sues to Disrupt Prolific Phishing Campaign

Facebook’s parent company is taking legal action again in a bid to tackle the scourge of phishing – in particular, a campaign abusing its own brands.

Meta said it filed in a Californian court yesterday against those behind a phishing effort that involved the creation of more than 39,000 websites impersonating the login pages of Facebook, Messenger, Instagram and WhatsApp.

Users drawn to those phishing sites were then tricked into entering their usernames and passwords.

“As part of the attacks, defendants used a relay service to redirect internet traffic to the phishing websites in a way that obscured their attack infrastructure. This enabled them to conceal the true location of the phishing websites, and the identities of their online hosting providers and the defendants,” explained Meta’s director of platform enforcement and litigation, Jessica Romero.

“Starting in March 2021, when the volume of these attacks increased, we worked with the relay service to suspend thousands of URLs to the phishing websites.”

She added that the action was being taken “to uncover the identities of the people behind the attack and stop their harmful conduct.”

Meta has become increasingly willing to launch legal action against adversaries in a bid to disrupt and raise the potential cost of attacking its brands.

In 2019, WhatsApp launched a case against Israeli spyware-maker NSO Group after reports that its software had illegally targeted around 1000 users of the popular messaging service.

Then in January this year, it took two developers to court for violating its terms of service by scraping user data.

“This lawsuit is one more step in our ongoing efforts to protect people’s safety and privacy, send a clear message to those trying to abuse our platform, and increase accountability of those who abuse technology,” Romero concluded.

“We will also continue to collaborate with online hosting and service providers to identify and disrupt phishing attacks as they occur. We proactively block and report instances of abuse to the hosting and security community, domain name registrars, privacy/proxy services, and others. And Meta blocks and shares phishing URLs so other platforms can also block them.”
