### Renewed Attacks and Legal Action **Meta** announced on Monday that it has identified and thwarted fresh spear-phishing campaigns attributed to the notorious Israeli spyware firm, **NSO Group**. These attempts sought to trick **WhatsApp** users into clicking malicious links, redirecting them to external websites—a tactic reminiscent of previous 1-click phishing campaigns linked to NSO Group. In response to these alleged violations, Meta is pursuing a federal court contempt order against NSO Group. This legal move comes after the spyware vendor was previously barred from targeting WhatsApp and its user base through a permanent injunction. "They tried to trick people into clicking on malicious links to drive them to external websites outside of WhatsApp, similar to previously reported 1-click phishing campaigns linked to NSO," Meta stated in an official update. The social media giant also revealed that it caught NSO Group creating test accounts and groups on WhatsApp, which have since been promptly taken down. The malicious domains identified in connection with this activity include: * `fr24cast[.]com` * `ghazacast[.]com` * `ikhwancast[.]com` ### A History of Confrontation This isn't the first time NSO Group has faced legal and regulatory scrutiny over its activities. Just a year prior, the company was fined approximately $168 million in monetary damages by a U.S. court. This ruling stemmed from NSO Group's exploitation of WhatsApp servers to deploy its infamous **Pegasus** spyware, which targeted over 1,400 individuals globally. Furthermore, in 2021, the U.S. Commerce Department added NSO Group to its blocklist. The company was sanctioned for engaging in activities deemed "contrary to the national security or foreign policy interests of the United States."  ### Strengthening User Security Against Sophisticated Threats Amidst these ongoing threats, Meta reiterated its commitment to user security. "As always, WhatsApp users' personal messages and calls remain protected with default end-to-end encryption," Meta assured. The company encourages users to keep their apps and devices updated and to report any suspicious activity for swift investigation and action. For users at elevated risk of sophisticated cyberattacks—such as IT security professionals, journalists, activists, or government officials—**WhatsApp** recommends enabling "Strict Account Settings." This advanced security feature hardens accounts by locking them into more private configurations, thereby reducing the attack surface. Key aspects of these settings include: * **Two-step verification** is turned on. * **Link previews** are turned off. * **Last seen and online status**, **profile photo**, **About details**, and **profile links** are restricted to contacts only or a pre-established list of people. * Only known contacts or a pre-established list of people can add the user to groups. Meta emphasizes that "Strict account settings are an optional, lockdown-style security feature that, when enabled, reduces your vulnerability to cyber attack by limiting functionality."