Meta, the parent company of Facebook has indicated that it will be notifying a million Facebook users that their account credentials may have been compromised through bogus tainted apps that were available from Alphabet, Inc.’s and Apple’s software stores.  More than 400 malicious Android and iOS apps were discovered and have been removed from the software stores, however, for a million people, the damage has already been done and their Facebook login credentials are now in the hands of cybercriminals.

The malicious apps appeared to be legitimate photo editors, mobile games, health trackers, VPNs and lifestyle apps.  Once a cybercriminal has your Facebook login credentials, the cybercriminal can use that information to take control of your account, access personal information that can lead to identity theft and send messages to your friends that appear to come from you, but are intended to scam your friends.


Here is a list from Meta of all of the affected apps.

If you are downloaded one of these tainted apps, delete the app immediately.  Next you should set up a new unique Facebook password and set up dual factor authentication for added security.  Here is a link to where you can set up dual factor authentication on your Facebook account.

Finally, this is a good time to remember my motto, “trust me, you can’t trust anyone.”  Whenever you get a phone call, text message, instant message or email, you can never be sure who is actually contacting you so you should never provide personal information or click on links unless you have absolutely confirmed that the communication is legitimate.

If you are not a subscriber to and would like to receive  free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of and type in your email address in the tab that states “Sign up for this blog.”