Meta tries to find the people who created over 39,000 phishing sites

Meta takes legal action to disrupt a large-scale phishing campaign. On Monday, the company filed a federal lawsuit to “discover the identities” of a group of people who created more than 39,000 websites designed to trick Facebook, Instagram and WhatsApp users into coughing up their login credentials.

The company says the scammers used the Ngrok relay service to redirect people to their websites in a way that allowed them to hide their actions. “This allowed them to hide the true location of the phishing websites and the identities of their online hosting providers and the suspects,” Meta said. As of last March, the company began partnering with the relay service to suspend “thousands” of URLs associated with the campaign.

This isn’t the first time the threat of legal action has been used to stop a phishing campaign. In 2019 and 2020, the company filed lawsuits against OnlineNIC and Namecheap, two domain name registrars that had allowed cybersquatters to claim domains like and However, the scale of this campaign seems to dwarf the campaigns that OnlineNIC and Namecheap enabled. When Meta sued the latter company in 2020, it said it had registered 45 domains that were explicitly created to confuse people.

All products recommended by Engadget have been selected by our editorial team, independent of our parent company. Some of our stories contain affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

Stay tuned for more such real estate news and updates at

Leave a Comment