Cybercriminals are back with their new strategy to steal user information in phishing attacks, this time targeting the most used instant messaging platforms WhatsApp, Facebook, and others. The Meta-owned company reported that more than 39,000 websites have been found that are designed to steal users’ data by using fake login pages. They are all fake! Sensitive information of users such as passwords and email IDs are found on the login page of these fake websites, which are being used by cybercriminals to defraud people.
Not only fake websites of WhatsApp, fake websites of Facebook, Instagram, and Facebook Messenger have been created. The user who logs in to his account by clicking on that fake website becomes a victim of fraud. It is easy to make this mistake because these fake WhatsApp, Facebook, Instagram websites look almost like real ones. Facebook has confirmed in a blog post that not only WhatsApp but other widely used social media networks – Instagram, Facebook, and Messenger – are being used for phishing attacks. Following the incident, social media giant Facebook filed a federal lawsuit in a California court to reveal the identities of the cyber robbers behind the phishing attack.
How to get caught in this trap?
Cybercriminals usually send links to your actual WhatsApp, Facebook, Instagram, and other social media accounts as well as emails containing links in them. By clicking on these links, users will be taken to a fake website that looks exactly like WhatsApp, Facebook, or Instagram. However, it is fake and if users do not recognize it, they end up trying to log in and thereby inadvertently pass on their username and password to cybercriminals.
Ways to avoid a phishing attack
Although the social media giant is working effectively to catch the people who carry out these phishing attacks, you can also prevent them with simple tricks while being careful. If you get any suspicious emails, messages, or texts on WhatsApp, Instagram, Facebook, or Messenger asking you to log in using your Facebook username and password, ignore them, just don’t click on them. Do not share or give any of your personal information to them. Before doing anything on any website you should be 100 percent sure about it. Even if you receive an email claiming to contain a link or attachment from the social media network owned by WhatsApp or Facebook, don’t click on it.