Beware! Logged in to fake WhatsApp, Facebook, Instagram websites? Here's how to stay safe

New Delhi: Cyber pirates are back with new strategies for phishing attacks to steal users' information, and this time they're going for the popular instant messaging programme WhatsApp and others. Over 39,000 websites meant to steal user data via bogus login pages have been discovered, according to the Meta-owned company. They're all fake! The login pages of these bogus websites are designed to get victims to input sensitive information such as passwords and email addresses, which cybercriminals will later use to steal data and other information. There are bogus websites on Facebook, Instagram, and Facebook Messenger in addition to WhatsApp. To be scammed, all a user has to do is log into WhatsApp on a bogus website. It's easy to make a mistake because these phoney WhatsApp, Facebook, and Instagram websites look so authentic!

Not only WhatsApp, but other widely used social media networks such as Instagram, Facebook, and Messenger are being leveraged to launch phishing attacks to deceive users into exposing their login credentials on false login pages, according to a blog post published by Facebook. In light of this occurrence, Facebook filed a federal lawsuit in a California court to ascertain the identity of the cyber pirates responsible for the phishing attempt.

How it is done

Cybercriminals commonly transmit links to your actual WhatsApp, Facebook, Instagram, and other social media accounts, as well as emails with links. When a user clicks on these links, they will be taken to a false website that looks identical to WhatsApp, Facebook, or Instagram. However, it is a forgery, and if people do not recognise it, they will attempt to login, accidentally disclosing their identities and passwords to hackers.

As part of the attacks, cyber criminals used a tactic that allows them to reroute internet traffic to phishing websites while hiding their attack infrastructure. They were able to conceal the true location of the phishing websites, as well as the identities of their online hosting providers and defendants, as a result of this. Beginning in March 2021, when the amount of phishing attacks increased, Facebook collaborated with the relay service to suspend hundreds of URLs to phishing websites.

Though social media behemoths are working hard to apprehend the perpetrators of these phishing assaults, you can prevent them with a few easy measures and vigilance. If you receive any strange emails, texts, or text messages on WhatsApp, Instagram, Facebook, or Messenger that ask you to check in using your Facebook login and password, disregard them and do not click on them or supply any personal information. Before you do anything on a website, you should be completely confident in it.

Even if you receive an email claiming to be from WhatsApp or Facebook-owned social media networks, don't click on any of the links or attachments.

What you must do if you clicked on these fake links and attempted to do a WhatsApp login

Still, if you believe you may have supplied any of your personal information inadvertently or that your account is in jeopardy, follow these guidelines.

• Above all, immediately update your WhatsApp login password. If you still have access to your account, change your password and log out of any devices that you don't own.
• If you can't get into your account because your username or password isn't working, you'll need to know how to recover it.
• Examine recent activities and recent Facebook emails to see if anything out of the ordinary has occurred with your account.

Live TV