Why Meta has warned 1 million Facebook users

Facebook-parent Meta has announced that it is informing a million users who may have unknowingly installed one or a few of 400 malicious apps designed to steal their account credentials. The company said that the apps are present on both Google Play Store and App Store. Meta has said that it has informed about these apps with industry peers, security researchers and policymakers to improve defences against the threat.
What has been found
Meta says that its security researchers have found more than 400 malicious Android and iOS apps designed to steal Facebook login information and compromise people’s accounts. The company says that these apps are disguised as photo editors, games, VPN services, business apps and other utilities to trick people into downloading them.
The company is also alerting people who may have “unknowingly self-compromised their accounts by downloading these apps and sharing their credentials, and are helping them to secure their accounts.”

How these apps work
Apart from displaying fun images on app stores, the developers of these apps may have published fake reviews. This helped them to cover up “negative reviews by people who have spotted the defunct or malicious nature of the apps” and trick others into downloading the malware.
When a person installs the malicious app on their device, it asks them to “Login With Facebook” in order to access the promised features. When the person enters his/ her credentials, the malware steals the username and password. This gives the attacker full access to the person’s account.
How you can stay safe
There are many legitimate apps that ask users to sign in with Facebook. However, it becomes difficult for general people to distinguish between legitimate and malicious apps. It is to be noted that malware apps often have signs that can help users to differentiate them from legitimate ones.
If an app repeatedly asks you to login with Facebook/ other credentials even before allowing you to use it, do not install it. You can also check the download count, ratings and reviews of such apps before downloading them. Check for spelling mistakes or abnormal behaviour while accessing the app.
What to do if you’re affected
In case you have downloaded a malicious app and have logged in with your social media or other online credentials, delete it from your device. Change the password and enable two-factor authentication, preferably using an Authenticator app. Turn on log-in alerts so you’ll be notified if someone is trying to access your account.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.