|Meta Identifies 400 Apps That Steal Logins|
|Written by Kay Ewbank|
|Tuesday, 18 October 2022|
Meta has identified more than 400 malicious Android and iOS apps this year that target people across the Internet to steal their Facebook login information. The company has reported its findings to Apple and Google and is working to help Facebook users learn more about how to stay safe and secure their accounts.
The company formerly known as Facebook says that the apps were listed on the Google Play Store and Apple’s App Store and disguised as photo editors, games, services and utilities to trick people into downloading them.
Meta gave examples of photo editors, including those that claim to allow you to “turn yourself into a cartoon” VPNs claiming to boost browsing speed or grant access to blocked content or websites; and phone utilities such as flashlight apps that claim to brighten your phone’s flashlight.
Other examples included mobile games falsely promising high-quality 3D graphics; health and lifestyle apps such as horoscopes and fitness trackers; and business or ad management apps claiming to provide hidden or unauthorized features not found in official apps by tech platforms.
The Meta researchers found that while some users worked out that the apps were defunct or malicious and left reviews, these were hidden by the developers publishing fake positive reviews.
Meta is encouraging people to be cautious when downloading a new app that asks for social media credentials and providing practical steps to help people stay safe. The advice starts with resetting and creating strong passwords, and includes enabling two-factor authentication, preferably using an Authenticator app, to add an extra security layer to your account; and turning on log-in alerts so you’ll be notified if someone is trying to access your account. Meta is also encouraging people to report malicious applications that compromise Meta accounts through the company's Data Abuse Bounty program.
A list of the apps identified by Meta is available here.
or email your comment to: firstname.lastname@example.org
|Last Updated ( Tuesday, 18 October 2022 )|