Facebook Scammers

Scammers recently used their own third-party Android applications (apps) to hijack over 10,000 Facebook accounts. If you were to download and open one of these malicious apps, you’d see a familiar feature: the “Continue with Facebook” button. Legitimate apps often integrate with websites like Facebook to make account creation quick and easy. In malicious apps, this type of link often leads to a phony login page designed to steal your login credentials.

This scam is unique because clicking the “Continue with Facebook” button actually opens the official Facebook login page. If you log in to your Facebook account, you’ll give the bad guys far more than your username and password. The malicious apps include an extra bit of code that gathers your account details, location, IP address, and more. Once they hijack your account, the bad guys can use it to generate ad revenue, spread disinformation, or even scam your friends and family.

Follow these tips to stay safe from malicious applications:

Only download apps from trusted publishers. Remember, anyone can publish an app on official app stores, including cybercriminals.