A million Facebook accounts may have got their passwords stolen after Facebook users downloaded malware apps, Meta has warned. False third-party apps are everywhere, from the Google play store to the Apple app store, and downloading such an app can steal Facebook passwords.
Facebook Meta notified its one million users and shared a report detailing over four-hundred malware apps explicitly designed to steal login information from Facebook.
The Malicious Apps
Sometimes we download an application but it doesn’t work correctly. If it happens to you, be cautious that it may be designed to steal your Facebook password. Yes, malicious apps always remain in disguise. They may look like an app useful for photo editing, music, games, business tools, SEO optimizers, voice changers, fitness, or other features. But the apps intend to steal credentials of Facebook accounts like login ids and passwords.
According to Facebook, almost 43% of the malware apps act as photo editors because many smartphone users use various photo editing applications. Fifteen percent of the apps were related to business utility and almost twelve percent were gaming apps.
The apps designed to steal Facebook passwords often don’t work before the user logs in via Facebook, and some don’t work correctly after signing in. The danger of malicious apps is not limited to hacking Facebook accounts only, those apps can even steal other confidential data from users.
What Did Facebook Say?
Facebook Meta said that it is assisting its users to secure their Facebook accounts and made Apple and Google pull up those apps identified as malware from their respective stores.
There are lawful apps also, Facebook said, offering features after asking the users to sign in via Facebook. But they offer secure and legitimate ways to log in via Facebook. Cybercriminals use these tricks of duplicating the designs and procedures of popular apps to steal user data. Malware apps even create fake reviews by posting positive comments so that the negative comments stating the app is fake are covered up, added Facebook.
What Did Apple And Google Say?
Apple said 45 of the four hundred apps on the Apple App store had been removed, while Google also claimed to do the same and added that they protect their users with Google Play Protect.
What Should Facebook Users Do?
Facebook losing users data, advised all its users to review any application before downloading it from any platform. Users should read all comments to know whether the app is fake or has any issues. Facebook Meta recommends that its users be skeptical of every app requiring signing up via Facebook to protect their Facebook passwords.
Facebook shared a list of malicious apps and requested all its users to uninstall them if they had downloaded one or more of them. It also suggested that users reset their Facebook login credentials with stronger passwords.
Facebook Meta also asked the users to activate two-step authentication and turn on login alerts, adding more to the suggestions. This measure will make the personal information of the users more secure.
Facebook users having their accounts have already compromised should also file a complaint.
Users should keep their accounts on different platforms protected by different and strong credentials, and using the same passwords for different platforms is strictly avoidable.
Users’ Complaints
Though Facebook provided all kinds of support and assistance to its users to recover compromised accounts and protect their data, users are still dissatisfied with the incident. They questioned how the most reputed platforms like Apple and Google could include these illegal apps in their stores.
Meta said that detecting and removing malware is a continuous process performed by social media giants and tech giants like Facebook, Google, and Apple. Still, some apps evade detection and enter the app stores.
But Apple and Google provided no assistance to those who already installed the apps and got their Facebook data compromised.
Conclusion
Facebook users should not only change the passwords of their Facebook accounts but also those of other platforms where they used similar passwords.