Skip to Content
dangerous Facebook malware
© Audiohead |
Security & privacy

Watch out for this scam going after Facebook accounts

You’d probably be surprised to learn how valuable social media information is to cybercriminals. Sure, they always want to find ways to infiltrate your bank accounts, but your Facebook details are also a gold mine.

That’s why they pull out all the tricks to steal your Facebook information. A recent example was a collection of over 400 apps caught stealing Facebook credentials. Tap or click here for all the details.

Earlier this year, a dangerous malware variant linked to hackers in Vietnam was discovered targeting Facebook Business account data. But the malware has been updated and targets ordinary people like you. Read on to see how the malware works and what you can do about it.

Here’s the backstory

In July, security researchers from WithSecure found phishing campaigns spreading Ducktail malware. The malware would steal browser data and Facebook Business account details if your device were infected. The scheme has been updated and now targets everyday Facebook users with PHP code.

The malware hides behind freeware links you might encounter on Facebook or through phishing emails. If you try downloading free games, adult videos or pirated software like Microsoft Office, your device could be infected with Ducktail malware.

According to ZScaler, when the malicious code infects your device, it performs several actions. It can steal information stored in your browser, capture login credentials for online accounts, including Facebook, steal data related to cryptocurrency accounts and more. In other words, thieves could pilfer your digital life.

The updated malware will still steal sensitive business details if you have a business Facebook account. It’s designed to target owner details, payment information, PayPal accounts and more. It’s critical to avoid this malware at all costs. Thankfully there are ways to accomplish that.

How to avoid malware

One key way to avoid infecting your devices with malware is to stay away from pirated software. Promises of free Hollywood blockbusters or costly programs like Microsoft Office are typically tricks for hiding dangerous malware. Never trust pirated software. But there are other safety precautions you also need to take.

  • Be cautious with links and attachments. Don’t click on links and attachments that you receive in unsolicited emails. They could be malicious and created to infect your device with malware.
  • Only download apps from official app stores. Always go to official sources like Apple’s App Store and the Google Play Store.
  • Keep your devices updated with the latest patches and fixes. We alert you to those over at Tap or click here to try Kim’s free email newsletters to get the alerts right to your inbox.
  • Use two-factor authentication for better security. Did you know Facebook offers 2FA? It does. Tap or click here to learn how to set it up.
  • Have trustworthy antivirus software on all your devices. We recommend our sponsor, TotalAV. Right now, get an annual plan of TotalAV Internet Security for only $19 at That’s over 85% off the regular price!

Keep reading

Buying a house or know someone who is? This down payment scam is a nightmare

Phone scam warning: Hang up if you get one of these calls

cryptocurrency e-book hero

New eBook: ‘Cryptocurrency 101’

Don't want to lose your dough to crypto? Check out my new eBook, "Cryptocurrency 101." I walk you through buying, selling, mining and more!

Check it out