Did you know that since 2019, over 39,000 impostor websites have been created impersonating the login pages of WhatsApp, Facebook, and Instagram? At least, that is what Meta is alleging in a new federal lawsuit seeking to quash the widespread phishing scams, which try to capture users’ login credentials by pretending to be legitimate landing pages.

According to CNET:

The unnamed defendants used services from San Diego-based tech company Ngrok to conceal their identities and “relay internet traffic to their phishing websites in a manner that obfuscated where their websites were hosted,” the 21-page lawsuit says. The lawsuit included screenshots of login pages that looked identical to the login pages for Facebook, Instagram, Messenger and WhatsApp but used Ngrok URLs. Some of the fake websites were in English and Italian.

So what are the exact charges Meta is bringing?

Meta alleges in the lawsuit that the defendants violated the social network’s terms of service, California’s Anti-Phishing Act and a federal law that prohibits trademark infringement. The lawsuit doesn’t say how many people were tricked into handing over their personal information.

Phishing on the rise

The lawsuit comes on the tails of a marked increase in phishing scams. In 2021, the Anti-Phishing Working Group recorded twice as many phishing attacks as in 2020 – and the organization also saw a record monthly high in July, with 260,642 phishing attacks. Hopefully, Meta’s lawsuit will decrease the number of phishing incidents we see in 2022.