Meta plans for legal action against who allegedly impersonated Facebook, Messenger, WhatsApp, and Instagram to conduct a phishing scam. The company claims that since 2019, the defendants created over 39,000 websites in an attempt to replicate Meta’s services, subsequently deceiving users and collecting their login information.

In the post on its blog, Meta explains that the defendants used a relay service to send internet traffic to the phony login pages they created, all while concealing their identity and location. Those who clicked the phishing link were brought to a login page that resembled Facebook, Instagram, Messenger, or WhatsApp. When the user attempted to log in, defendants would collect their victims’ usernames and passwords.

Meta noticed that these attacks started ramping up in March of this year and worked with the service known as Ngrok to suspend the URLs that the bad actors were using. A copy of the legal complaint obtained by The Verge shows that Meta’s lawsuit doesn’t just concern phishing attacks — it also raises an issue with copyright infringement. The defendants allegedly used the company’s trademarked logos and names on their fake login pages to mislead users.

“By creating and disseminating URLs for the Phishing Websites, Defendants falsely represented themselves to be Facebook, Messenger, Instagram, or WhatsApp, without Plaintiffs’ authorization,” the complaint reads. “Plaintiffs were adversely affected by Defendants’ phishing scheme and suffered, without limitation, damage to their brands and reputations, harm to their users.”

“We proactively block and report instances of abuse to the hosting and security community, domain name registrars, privacy/proxy services, and others,” wrote Jessica Romero, Meta’s director of platform enforcement and litigation in the company’s blog post. “And Meta blocks and shares phishing URLs so other platforms can also block them.”