The bad-news apps would check if the Facebook app was open in the background, then sneak a browser tab with a fake Facebook login page into the open background app’s window, enticing you to fill in your info. The fake page would copy your login and password and send them to a remote server that has since been shut down.
Here’s the list of removed apps from Evina’s report:
Apps removed from Google Play should automatically be removed from any devices they were installed on, but it’s worth double-checking—especially if you have side-loaded anything on your device. If affected, you should reset your Facebook password and update your security settings—enabling two-factor authentication is always a good bet—right away.
Normally I’d make sure to remind folks to check those app permissions to make sure there’s nothing sketchy happening under the hood, but these apps were suckering users with fake Facebook login pages rather than doing anything untoward behind the scenes. Checking app permissions before installing is still crucial to data security, but you can’t drop your guard just because the permissions seem fine.
Plenty of malware apps and phishing campaigns try to steal your social media account info with fake login pages. The safest strategy is to only log in through a social media platform’s official app.
However, if for some reason you do need to log in via a web browser, confirm the page is legit first. Check everything—the URL, images, layout, text, even the color of the page when you view all tabs. If they don’t match, then it’s a fake.
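The URL part of that check can be made mechanical. The following is an added example, not part of the original article: it assumes facebook.com is the only domain trusted for logins, and every sample address is constructed.

```python
from urllib.parse import urlsplit

# Assumption for this example: the only domain trusted for Facebook logins.
TRUSTED_DOMAINS = ("facebook.com",)


def check_login_url(url):
    """Return (trusted, reason) for the address shown on a login page."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return False, "address cannot be parsed"
    if parts.scheme != "https":
        return False, "not served over HTTPS"
    if not host:
        return False, "no host in address"
    if "@" in parts.netloc:
        # Text before '@' is userinfo, not the site being contacted.
        return False, "userinfo before '@' hides the real host"
    if not host.isascii() or "xn--" in host:
        # Internationalized names can imitate Latin letters.
        return False, "internationalized host name"
    for domain in TRUSTED_DOMAINS:
        # Exact match or a true subdomain; a bare suffix match is not enough.
        if host == domain or host.endswith("." + domain):
            return True, "host belongs to " + domain
    return False, "host is outside the trusted domains"


# Constructed sample addresses, not taken from the report.
SAMPLES = [
    "https://www.facebook.com/login.php",
    "https://m.facebook.com/login/",
    "http://www.facebook.com/login.php",
    "https://facebook.com.account-verify.example/login",
    "https://facebook.com@signin.example/",
    "https://notfacebook.com/login",
    "https://xn--example-label.example/login",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        trusted, reason = check_login_url(sample)
        print(("OK   " if trusted else "FAKE ") + sample + "  (" + reason + ")")
```

A passing address only rules out a wrong host; the images, layout and text still need the visual comparison described above.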