Facebook launches $2m suit against alleged phishing, hacking sites
Facebook is using trademark law to go after the domain hosts which register phishing or hacking-tools sites that target the platform and its Instagram subsidiary.
CNET reports that on Monday, Facebook filed suit in the US District Court of the Northern District of California against web hosts OnlineNIC and ID Shield. It’s accusing the hosts of trademark infringement and cybersquatting – what’s also known as typosquatting, where crooks register common misspellings of popular websites to snare innocent users who wind up on the pages due to a keystroke slip.
According to the suit, OnlineNIC has registered domains from which to carry out phishing and which claim to sell hacking tools. Facebook listed 20 infringing domains, including hackingfacebook.net, facebookphysician.net, buyinstagramfans.com, instagram01.com, and iiinstagram.com.
Each of those domains was registered by ID Shield: a company that Facebook says is controlled by OnlineNIC.
The lawsuit also includes a screen capture designed to look exactly like a Facebook site. Facebook alleges that such sites are used in phishing attacks, meant to trick visitors into accidentally giving up their logins.
CNET quoted a statement from Facebook:
People count on us to protect the integrity of our apps and services. We don’t tolerate people creating web addresses that pretend to be associated with our family of apps. Today’s lawsuit shows we will take action against those behind this abuse.
This isn’t OnlineNIC’s first trademark waltz. In 2008, Verizon sued the company for registering hundreds of domain names with Verizon trademarks. Verizon won its $33m suit, being awarded a default judgment of $50,000 for each of 663 addresses registered by OnlineNIC.
Facebook said in its lawsuit that OnlineNIC’s history demonstrated a “bad faith intent to profit” off others’ intellectual property. The company is seeking $2 million in damages, which works out to $100,000 per infringing domain.