Meta’s apps targeted in a phishing scam: what exactly happened?

a cool image

Recently, Meta (previously known as Facebook) made the decision to sue cybercriminals and all those involved in running a major phishing scam. The federal lawsuit was filed in a California court and targeted individuals who allegedly created impersonations of all the apps which are owned by Meta, including Facebook, Messenger, WhatsApp and Instagram. With the social media giant coming under frequent scrutiny and criticism about its privacy and data policies, this is yet another worrisome scandal. This is not the first time that Meta has been the target of such a scam. This lawsuit is its way of increasing accountability of those who abuse the platform and safeguarding user privacy. Read on to find out what exactly happened here, and what damage control measures the company has taken. 

What is a phishing scam? 
A phishing scam, or just phishing, is a type of cyber-attack. The attacker sends a fraudulent message which tricks the receiver into disclosing sensitive information and/ or account data. Once the user’s information has been acquired, the hacker can hack into his system by using new log-in credentials or by installing malware. It could lead to the hacker gaining control of one’s financial funds, pursuing unauthorised purchases or even identity theft. 

What happened in Meta’s recent phishing scandal? 
According to Meta, close to 40,000 websites were created which impersonated the login pages of Facebook, Instagram, WhatsApp and Messenger. Users of these platforms were prompted to enter their usernames and passwords like how they normally would expect. All this information was then collected by the hackers involved in this scheme. As of now, the company has launched a full-fledged investigation and a crackdown on these con activities. They are not only being sued for these phishing attacks, but also for copyright infringement due to the use of Meta’s logos. 

How did the hackers manage to deceive users? 
According to Meta’s investigations, the hackers directed internet traffic to the phishing websites they created using a relay service known as Ngork. The location and identity remained concealed through this process. This led the users to the fake website pages where their information was discreetly collected. Since then, the tech giant has tracked down and suspended thousands of such fake URLs.  

Topics

  • Facebook
  • Hacking
  • Instagram
  • Meta
  • online privacy
  • phishing scam
  • WhatsApp Data