Don’t use apps that demand login details, Facebook warns users
Over a million Facebook users may have had their login credentials compromised, thanks to apps that trick people into sharing those to use the apps. The Meta-owned social media company made this alarming announcement earlier this week.
Many of the 400 responsible apps are reportedly available for download on Google Play Store and Apple’s App Store, platforms that have set up strict app safety standards to avoid such instances.
The malicious apps
The apps are available on Play Store and App Store disguised as photo editors, mobile games, health trackers, etc., thus making it difficult for users to differentiate these apps from genuine ones.
The apps trick users by offering them bonus features if they log in with their Facebook account or another social media account. The bonus features act as incentives to tempt users into opening in-app windows and signing up with their usernames and passwords.
These apps then save the user’s credentials and send these to remote attackers when the phone is connected to mobile data or Wi-Fi.
Such malicious apps pose a big risk to a user’s privacy and security. Their presence on software stores such as Google Play Store and Apple App Store is an even bigger problem because it becomes easier for them to win a user’s trust.
Third-party apps, however, pose an even bigger risk. A report by ESET released earlier this week suggested that India was among the top countries with Android malware infections. A major reason for these infections was reportedly third-party Android applications.
An example is “GB WhatsApp,” which offers special features not found on the standard WhatsApp application.