Facebook Security: Meta has announced that it has informed one million Facebook users that their usernames and passwords may have been compromised as a result of downloading one of more than 400 malicious apps designed for iOS and Android smartphones.
Over the past year, the apps were found disguised as well-known varieties of the app within the Google Play Store and the App Store operated by Apple.
What meta has been found?
Four out of ten of the apps were pretending to be photo editors, while others were pretending to be games, VPNs, health trackers, or business apps.
Users who downloaded the malicious apps were asked to log in with their Facebook account before they could use the features they were promised. If the user entered their username and password, it sent their log in information to the attackers.
Many of the apps were useless and didn’t do what they said they would because the attackers already had what they wanted once the user gave them their credentials.
With stolen login information, attackers can get into a person’s account and see private information or send phishing messages to the victim’s contacts. And if the victim uses their Facebook account to log in to other apps and services, the attackers will also be able to get into those, which could give them access to more sensitive information.
Since the downloads were made outside of the Meta ecosystem, the tech company doesn’t know how many people have installed the malicious apps, but it has warned around a million users that they may have been put at risk.
How can you stop malicious activities?
Apps that ask for your social media login information, especially if the app doesn’t need this information, are said to be signs of a scam. The developer may also advertise features that the app doesn’t have. If the app gets a lot of bad reviews that say it doesn’t work as promised, that could be a key sign that something is wrong.
Agranovich said, “I’d encourage people to look at the app store reviews, especially the negative ones, because you may see people saying that the app was a scam, that their account may have been hacked, or that it was otherwise misleading in how it worked or what it was for.”
If a user thinks they downloaded a malicious app that gave cybercriminals their login information, they should make a new, strong password that they don’t use on more than one website.
Users should also set up multi-factor authentication on their Facebook accounts to make it harder for unauthorized people to get in. Users should also turn on login alerts, which will let them know if someone is trying to get into their account.
Keep watching our YouTube Channel ‘DNP INDIA’. Also, please subscribe and follow us on FACEBOOK, INSTAGRAM, and TWITTER
