According to Facebook parent firm Meta, a million Facebook users may have given malicious apps designed to assist criminals access their accounts their usernames and passwords. The social media behemoth claimed to have discovered more than 400 fraudulent apps for both Apple and Android smartphones. These apps claimed to include mobile gaming, photo editing, fitness tracking, and even the ability to boost a phone’s flashlight.
Users who may have accessed Facebook through a malicious app will get a security notification with instructions on how to safeguard their accounts. Resetting their Facebook password, implementing two-factor authentication as an additional layer of security, and activating notifications to let users know when someone has attempted to login in are a few of the actions they can take.
The risks associated with using your Facebook account information to log into apps are highlighted by Meta’s results. There are advantages to logging into apps through Facebook or other account providers, according to David Agranovich, director of Threat Disruption at Meta. When a username or password may be used on many websites, it lessens the need for people to create multiple accounts. He added that using a different account to get into an app adds another level of authentication.
In this instance, con artists were attempting to trick users into downloading an app that contained dangerous malware that would steal their Facebook login information. People were prompted to sign into their Facebook accounts by the apps. While some programmes that request Facebook login credentials are genuine, others can be dangerous.
Agranovich stated during a press teleconference that many of these frauds ‘don’t start and end on one platform’. Threat actors frequently spread their activities over multiple sites to evade detection, which makes cross-industry collaboration like this even more crucial. It can be difficult for Meta, according to Agranovich, to determine if a user has given their Facebook login details to a malicious app or has simply downloaded the app and never checked in. According to him, Meta analyses different signals to assess whether a Facebook user’s account may have been compromised and whether an attacker entered their account using a specific method.
All of the dangerous apps Meta identified in the research, according to spokesmen for Google and Apple, have been taken down. Android smartphones could download more than 350 of the malicious apps. Google Play Protect is a service that scans Android devices for potentially dangerous apps. An attacker can access a victim’s Facebook account and obtain more personal information about them after they have their victim’s username and password. They can even send messages to the victim’s friends to con them out of money or make purchases on the account that has been compromised to deceive others.
Keeping your Facebook account secure;
Users can check to see if they have downloaded any of the more than 400 dangerous apps by using a list that Meta posted in a blog post. Beauty Camera, Kangaroo VPN, Magic Horoscope, and QR Barcode Scanner are just a few of the programmes’ names. Photo editing apps made up about 43% of the harmful applications.
Before logging into an app with their Facebook account, users should be aware of key warning signs, according to Meta. One of these red flags is when the programme asks for your social network login information. For instance, be wary of photo-editing apps that want your Facebook login and password before allowing you to use them or apps that request your Facebook login in order to remove advertisements, said Meta in its study.
People can also check to see if an app has unfavourable reviews, but attackers can also make phoney ones, so this tactic isn’t always effective. Some of the apps claimed to offer functionality when you logged in with your Facebook account, but once people did, the app was useless. Facebook users can also file reports.
Post Your Comments