Facebook sues to stop domain scammers from impersonating Instagram, WhatsApp sites
Facebook has filed a lawsuit meant to stop scammers from using its name to try stealing from web users.
In a lawsuit filed Monday in a Virginia court, the company sued 12 websites registered by Compsys Domain Solutions Private Ltd., an Indian proxy service. With names like InstagramHijack.com, Videocall-WhatsApp.com and Facebook-Verify-Inc.com, the sites were meant to deceive users and boost internet fraud operations, Facebook alleged. The websites either were offline or included copyright advisories at press time.
Although those web URLs are clunky, they look close enough to legitimate addresses to fool people, apparently. Facebook did not specify how the Compsys-registered sites were being used prior to its suit Monday.
Phishing operations are one possible use. Anyone who visits a site that appears nearly identical to a true Facebook page, for instance, would be more likely to enter their username or password.
It’s the latest example of U.S. companies going to court to stop suspected cybercriminals. Facebook previously filed a similar lawsuit against the domain name registrar Namecheap for allegedly using the websites InstagramBusinessHelp.com and Facebo0k-login.com in bad faith.
“We regularly scan the internet for domain names and apps that infringe on our trademarks and today’s lawsuit is part of this ongoing effort to protect people from phishing, credential theft and other methods of online fraud,” Christen Dubois, Facebook’s director and associate general counsel for IP litigation, said in a statement. “We filed suit after we reached out to Compsys about these domain names and did not receive any response.”
Microsoft has been perhaps most visible in its use of court orders to mitigate hacking. The company previously seized more than 50 websites that suspected North Korean attackers had used to steal sensitive data. Before that, the company also took legal action to curb malicious activity attributed to hackers in Russia, China and Iran.
In December a Georgia-based cable and wire manufacturer filed a lawsuit against unnamed hackers, winning an order to force the website hosting its stolen information offline.
Compsys could not be reached for comment Monday.
