Operated by an Indian firm, CyberRoot Risk Advisory, Meta barred 40 fake accounts on Facebook and Instagram, engaged in social engineering and phishing to deceive and steal people’s credentials across the internet.

CyberRoot Risk Advisory is Meta’s second take down of an Indian firm that has been operating fake accounts, hacking people’s phones, computers and online accounts.

The Indian firm mainly targeted business executives, lawyers, doctors, activists, journalists and members of the clergy in countries like Kazakhstan, Djibouti, Saudi Arabia, South Africa and Iceland.

Last year, Meta administered action against spyware vendors around the world, including in China, Russia, Israel, the US and India, who targeted people in about 200 countries and territories.

Additionally, the firm is said to fall under the global surveillance for hire industry targeting people to collect intelligence, while manipulating them to spill information and compromise their devices and accounts across the internet.

Part of the industry that provides intrusive software tools and surveillance indiscriminately to any customer, the firm is typically used against opposition politicians, journalists, human rights activists, and rival businesses.

Meta is tight lipped to provide information about the extent of CyberRoot’s activities, but it says that the latter created imposters, using fake accounts, gaining trust with people they targeted around the world.

“To appear more credible, these personas impersonated journalists, business executives and media personalities. In some cases, CyberRoot also created accounts that were nearly identical to accounts connected to their targets like their friends and family members, with only slightly changed usernames, likely in an attempt to trick people into engaging,” Meta says.

Domains of major email providers, video conferencing and file sharing tools, including Gmail, Zoom, Facebook, Dropbox, Yahoo, OneDrive and targets’ corporate email servers were spoofed by CyberRoot. Through these domains, the firm stole login credentials to victims’ online accounts on these services.

“Our investigation found CyberRoot target people around the world, working in a wide range of industries including cosmetic surgery and law firms in Australia, real-estate and investment companies in Russia, private equity firms and pharmaceutical companies in the US, environmental and anti-corruption activists in Angola, gambling entities in the UK, and mining companies in New Zealand,” Meta adds.