Protect your personal and business account from malicious software designed to steal your login information
Facebook.com on mobile browsers is in the process of being updated. See more
Visit our Newsroom to learn about how Meta works to counter business-targeted malware and how to protect your accounts
.
Bad actors can use malicious software – or malware – to try to compromise online accounts across the internet. They often use deceptive tactics to trick people into clicking on malicious links or downloading malicious files and software.
Malware is typically designed to obtain sensitive information, like login and passwords to their various online accounts, and it can target a range of devices – from mobile phones to computers. Threat actors can even hide their malware by posing as web browser extensions or trendy apps available in official app stores
.
Malicious hackers sometimes target people’s social media accounts in an attempt to later gain access to Business and Advertising accounts they might be connected to in order to run unauthorized ads as part of a scam or spam operation.
By knowing what suspicious signals to look out for, you can better identify these threats and keep your accounts and business secure.
Identifying Malware
Threat actors typically disguise malware within innocent-looking files, as well as mobile apps or browser extensions available in official app stores. They latch onto popular topics — from political news to the latest tech and business productivity tools — to hide malware and trick people into installing it.
If you observe unusual behavior on your device or online accounts, this might be a sign that you may have inadvertently downloaded malware. Here are some telltale signs to look for:
Suspicious activity on your online accounts that you did not authorize, including financial charges.
Your device runs significantly slower or frequently freezing.
New toolbars, icons, or tabs appear in your browser that you don’t recognize.
Scammy pop-ups appear in your browser.
Shorter device battery life.
What to do if you think you have been affected
If we believe your account has been affected by malware, we may send you a warning message to help you secure your account. While there is a chance that this is a false alarm, we want to alert you so that you can take precautionary steps to protect your account and any Business or Advertising accounts associated with it. Because malware is typically downloaded outside of our platforms, we may not always catch every single instance.
If you believe you’ve downloaded a malicious software, we recommend that you delete it from your device immediately and use the following instructions to secure your account:
Scan personal devices
We recommend scanning any and all devices you use to access Facebook. If you don’t remove potential malware, cyber attackers may continue to have access to your accounts and devices.
To help you scan and clean your personal devices, we suggest using independent antivirus/antimalware tools from third-party providers such as:
ESET Free Online Scanner
Windows - Free online scanner
ESET Smart Security Premium
Windows, Mac, and Android - Free 30-day trial
Bitdefender’s Total Security
Windows, Mac, iOS, and Android - Free 30-day trial
For all other devices, please scan using reputable and trusted antivirus products. New malicious applications are developed constantly, so it is important to keep this software up-to-date and scan your computer regularly. We recommend that you enable “automatic” scanning of files in your Antivirus software.
Scan corporate devices
If you believe your corporate device may be impacted, we suggest reaching out to your company's IT department for support.
Review your web browsers
We recommend reviewing each of your browsers. If you don’t remove potential malware, cyber attackers may continue to have access to your accounts and devices.
You can remove most malware on your web browsers by following these steps:
Remove suspicious browser add-ons.
Review recent changes to your web browser settings.
Additional security tips and recommendations
Enable two-factor authentication
to add an extra security layer to your account. Two-factor authentication is one of the most effective tools for combating these account compromise applications.
Reset your password
. Never reuse your password across multiple websites.
Turn on log-in alerts
so you’re notified if someone is trying to access your account.
Review your previous sessions to be sure you recognize which devices have access to your account.
Enable business notifications
so you’re alerted of any changes to your Meta Business Manager account.
Use the Security Checkup Tool
to help secure your account.
