You Should Probably Reset Your Facebook Password Today
You may have given away your Facebook login information unintentionally if you downloaded one of over 400 malicious apps designed to steal Facebook credentials from users. So it might be time to change your password.
Facebook found hundreds of malicious apps
The news comes in a statement from Meta , the parent company of Facebook, which has revealed information about hundreds of malicious apps found by its researchers. According to Meta, there were plenty of apps in this review that made it easier for attackers to find victims. Malicious apps included photo editors, which accounted for a whopping 42.6% of cases, as well as VPNs, flashlight apps, 3D games, fitness trackers, horoscopes, and business or ad management apps. We already knew about one of these ad management apps that tricked over 250,000 users into downloading it on their devices .
You don’t have to worry about any of these apps going forward – both Google and Apple have cleared their marketplaces of these known apps since the Meta announcement – however, this won’t remove the apps from any devices that already have them installed. If you have downloaded any of the over 400 malicious apps on your iPhone or Android, you need to remove them. You can find a complete list of known malware on the Meta Ads page here .
Do not use apps that require authorization through Facebook.
Also, this list is not exhaustive. While Meta has conducted a thorough inventory of all known malicious applications, it cannot guarantee the detection of all intruders. This means that others need to be careful when downloading new apps from the Play Store or the App Store, especially when those apps want to connect to your Facebook account for login verification.
Of course, many apps offer Facebook as a login method. This in itself isn’t necessarily nefarious, but it’s a reason to be careful: if the app doesn’t work without your Facebook credentials, consider deleting it from your phone. Legitimate apps don’t force you to connect to Facebook in order to use it, except for some specific examples from Meta.
How to protect your Facebook password
Meta reaches out to approximately one million affected users, so you should be notified if your login information has been compromised. However, in light of how widespread this issue is, we all could do well to reset our login details now.
To get started, sign in to Facebook. On desktop, click on your avatar in the upper right corner; on mobile, click on “Menu” in the lower right corner. On any platform, go to Settings & Privacy . On desktop, select Security & Login, and on mobile, select Password & Security. From there, you can choose a new password from the “Change Password” option ( just make sure it’s strong and unique ).
However, it may be more important to enable two-factor authentication (2FA) if you haven’t already. If this setting is enabled, you will be required to enter a 2FA code each time you log in, which requires access to an approved authentication app, phone, or physical security key.
With 2FA, your username and password are not enough for attackers to get into your account. If the app steals your login details in the future, you will still be protected. The setup won’t take long, so I highly recommend that you do it now. If you have an iPhone, you can even use the built-in authentication feature so you don’t have to download a third party app.
[ Bloomberg ]