Facebook phishing scheme used over 39,000 fake websites, lawsuit says


Facebook, now known as Meta, announced they have filed a lawsuit in California over a phishing scheme that sought to collect login credentials with fake websites for a number of its apps.

In a blog post on Monday, Meta said that the phishing scheme had more than 39,000 websites created that were made to look like the login pages of Facebook, Messenger, Instagram, and WhatsApp.

A phishing scheme is where a user is tricked into giving their login information to someone by typing into a page that is made to look like a legitimate website, such as Facebook’s login page.

“Reports of phishing attacks have been on the rise across the industry and we are taking this action to uncover the identities of the people behind the attack and stop their harmful conduct,” Jessica Romero, Meta’s director of platform enforcement and litigation, said in the blog post.

The defendants in the lawsuit are unnamed. Meta said they were able to conceal the “true location of the phishing websites and the identities of their online hosting providers” using a relay service called Ngrok. The company said the volume of the phishing attacks increased starting in March.

An example from Facebook of a phishing website used to trick users.

Meta’s lawsuit was published by Bleeping Computer. In the suit, the company said the phishing scheme began “no later than 2019” and provided a number of screenshots of the Facebook login pages that were created to deceive users.

Meta is seeking $500,000 from the defendants.

Source: https://www.dailydot.com/debug/facebook-phising-scheme-lawsuit/