A new wave of malicious apps are stealing people’s Facebook credentials. These apps offer photo editing tools, horoscope, fitness tips and much more.

According to Meta, Facebook’s parent company, over one million Facebook users have had their log-ins stolen. These credentials were stolen by over 400 malicious mobile apps downloaded just in 2022 for both Android and iOS. 

These apps are generally in the App Store and Google Play. They disguise themselves as VPN services, games, photo editors, horoscopes and many other resources. 

David Agranovich, director of threat disruption at Meta, says that his team has reported these malicious apps to Apple and Google. According to him, measures have been put into place and all malicious apps were taken down shortly afterwards. 

The team is alerting people who may have unknowingly compromised their Facebook accounts by downloading these malicious apps and sharing their credentials. They are also helping these people secure their accounts.

Nowadays, keeping malicious apps off your mobile phone is not an easy task. Despite the constant efforts from Google and Apple to keep these apps out of their online stores, they always manage their way back in. And recently, they are becoming harder to detect. Of the 400 malicious apps discovered by Meta, a large percentage were Android apps. 

The best way to avoid putting your credentials at risk is to be careful when downloading new apps that ask for access to them. Some people would rather offer their log in details than register a new account, and that is where they thrive.

These malicious apps generally publish a lot of false positive reviews to trick more people into downloading them. So it’s important to browse through these reviews to see if the developer is not trying to drown anything out. 

Once you install the app, it suggests a faster login via Facebook, which makes it possible for the maliciou app to steal your login credentials. If your information is stolen, the people behind these apps could gain access to your account and your friends list and gather private information. 

But with some many apps that require new users to log in with their Facebook credentials, how can you be sure which ones are legit? By checking the reputation of the app before downloading it. See if it offers the resources it claims to, or if the app is only available if you provide your Facebook information. 

If your device has been infected with a malicious app, Meta advises you to delete the app immediately. Once you do so, reset your Facebook password and enable two-factor authentication. Turning on log-in alerts also helps because you’ll be notified if someone else tries to access your Facebook account.  

In this day and age, cyber attacks are more common than ever. That’s why it’s important you learn how to keep your personal information safe. Follow the link below to learn more about the matter and how you can protect yourself and your devices.