The announcement was issued Meta blog post which contained a report on the impact of malware and ways to improve the collective defense against it.
Discover our latest podcast
Their researchers found that there were more than 400 malware apps this year that were designed to steal the login information of Facebook users. Meta's Newsroom reports:
These apps were listed on the Google Play Store and Apple’s App Store and disguised as photo editors, games, VPN services, business apps and other utilities to trick people into downloading them.
How do they work?
The method is relatively simple. Most of the apps would ask for a Facebook login in order to access them - something not unusual on its own as legitimate apps do this also. Then, whilst guiding users through the login process, in the background the apps would target user info including passwordsand two-factor authentication for nefarious means.
Meta’s Director of Global Threat Disruption, David Agranovich stated that users everywhere were at risk. Forbes reports:
Our sense here is that this wasn't kind of a specific geographically targeted thing. This was more an attempt to just get access to as many login credentials as possible
How to stay safe
Agranovich went on to say that users should be more wary about the apps they use and query why certain simple apps would need their Facebook login. Users should also look at reviews for any apps they download as they can provide clues as to whether it is a scam. Another tell-tale sign is if the app promises features that it does not deliver.
If you have been affected by any of these scams and believe you may have downloaded a malware app and used your Facebook login, follow these steps:
- Delete the app immediately and reset and create new strong passwords.
- Enable two-factor authentication.
- Turn on login alerts so you will be aware if anyone is trying to login to your account. It is also a good idea to check past logins to make sure you recognise all the devices.
Meta also encourages users to report any malicious applications to them through their Data Abuse Bounty program.
Sources Used:
- Forbes 'Malware Apps May Have Stolen The Passwords Of 1 Million Facebook Users, Meta Says'
- Meta Newsroom 'Protecting People From Malicious Account Compromise Apps'
Read more:
⋙ Facebook Marketplace warning: There's a new costly scam you should be aware of
⋙ Netflix users warned to turn on important setting immediately to protect their account
⋙ If you use Facebook, you need to be careful after this warning