Meta is taking legal action to disrupt a widespread phishing campaign. On Monday, the company “disclosed the identities” of a group of people who created more than 39,000 websites designed to trick Facebook, Instagram and WhatsApp users into coughing into their login credentials.
The company says scammers have used the relay service Ngrok to redirect people to their websites in a way that allows them to hide their actions. “This enabled them to hide the true location of the phishing sites and the identities of the online hosting providers and the defendants,” Meta said. Starting last March, the company began working with the relay service to suspend “thousands” of URLs associated with the campaign.
This isn’t the first time you’ve used the threat of legal action to try to stop a phishing campaign. In 2019 and 2020, the company filed lawsuits against and two domain name registrars who allowed cyber-squatters to claim domains like instagrambusinesshelp.com and whatsappdownload.site. However, the size of this campaign appears to dwindle with OnlineNIC and Namecheap enabled ones. When Meta sued the latter in 2020, it said it registered 45 domains that were explicitly created to confuse people.
All products recommended by Engadget are handpicked by our editorial team, independently of the parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.