Beware! Did you login on WhatsApp, Facebook, Instagram fake websites by mistake? Do THIS now
Cyber pirates are back with their new tactics to steal users' information in phishing attacks and this time they are targeting the widely used instant messaging application WhatsApp and others. The Meta-owned company informed that over 39,000 websites that are designed to steal the user's data using fake login pages have been found. They are all fake! These fake websites' login pages are meant to convince a victim to submit sensitive information such as a passwords and email address that cybercriminals will later use to steal data and more. Not just WhatsApp fake websites, there are others on Facebook, Instagram and Facebook Messenger too. All it takes for a user to get scammed is do a WhatsApp login on a fake website. It is easy to make a mistake as these fake WhatsApp, Facebook, Instagram websites look almost like the real ones!
Facebook has confirmed in a blog post that, not just WhatsApp, but other broadly used social media networks - Instagram, Facebook, and Messenger are being used to launch phishing attacks to trick users into disclosing their login credentials on fake login pages. In view of this incident, social media giant Facebook filed a federal lawsuit in a California court to uncover the identities of cyber pirates behind the phishing attack.
How it is done
Cybercriminals generally send links to your real WhatsApp, Facebook, Instagram and other social media account as well as emails with links in them. Clicking on these links will lead a user to a fake website that looks exactly like WhatsApp, Facebook or Instagram. However, it is fake and if users do not recognise that, they end up trying to login and thereby reveal their usernames and passwords inadvertently to cybercriminals.
Cyber thieves employed a strategy that allows them to redirect internet traffic to phishing websites in a way that masks their attack infrastructure as part of the attacks. This allowed them to hide the real location of the phishing websites, as well as the identities of their online hosting providers and defendants. Facebook mentioned that the social media firm worked with the relay service to suspend thousands of URLs to phishing websites starting in March 2021, when the volume of these attacks escalated.
Your role in combating phishing attack
Though social media giants are working effectively to catch the people behind these phishing attacks, you can also stop it with simple tricks while being attentive. If you get any of the suspicious emails, messages, or text on WhatsApp, Instagram, Facebook or Messenger, which may ask you to log in via using your username and password of Facebook, then ignore them, just don't click on them or provide any of your personal details. You should be 100 percent sure about any website before you do anything on it.
Even if you receive an email claiming to be from WhatsApp or Facebook-owned social media networks containing any links or attachments, then don't click on it either.
What you must do if you clicked on these fake links and attempted to do a WhatsApp login
Still, if you think that you accidentally provided any of your personal details or you find your account at risk then follow these tips.
- Above all, change you WhatsApp login password immediately. If you can still access your account, then protect it by changing your password and logging out of any devices you don't own.
- Know how to recover your account if you can't get into it and your username or password doesn't work.
- Try to evaluate the recent activity and check recent Facebook emails to see if anything unusual has been happening with your account..