Messages From Your Facebook Account Could Be For Sale

Remember when Facebook had to reset 90 million accounts just over a month ago due to a security breach? Well the BBC is now reporting that private messages from 81,000 hacked Facebook accounts are for sale online.  Keep reading to learn how this was done and what you should do to protect yourself.

First of all, it’s always important to protect yourself. You can protect your online browsing with McAfee. McAfee flags risky websites, blocks spam from your inbox, and encrypts the files on your computer, try it here!

In September, FBSaler, posted samples of private messages on a cyber marketplace linked to Russian contacts. They were peddling the data at 10 cents per profile and promised access to over 120 million accounts, that’s 6% of Facebook’s monthly user base.

BBC confirmed the legitimacy of the private messages stolen from 81,000 accounts. FBSaler also posted contact information from additional accounts, although that information could have been picked up publicly.

How?

Facebook wasn’t breached. This time around malicious browser extensions are the culprit. Browser extensions are small applications that download and sit to the right of your address bar.

Facebook’s VP of product, Guy Rosen said, “We have contacted browser makers to ensure that known malicious extensions are no longer available to download in their stores… we have also contacted law enforcement and have worked with local authorities to remove the website that displayed information from Facebook accounts.”

The FBSaler sales posts have since been taken down.

What can you do?

  1. Make sure you don’t have malicious browser extensions – here’s how you can check what extensions you have on any browser.
  2. Be careful about the programs you download. Sometimes malware or Trojans are bundled into programs you download intentionally so always double check and protect yourself with McAfee.
  3. Share this article so your family and friends stay safe online too!

Leave Comment

Your email address will not be published.