As the largest social media platform in the world, Facebook is often abused by cybercriminals looking to make a quick buck. That’s why the tech giant has placed such an emphasis on security measures like two-factor authentication to protect its users. However, according to a report in CyberNews this week, hackers have found a basic loophole that has allowed them to steal millions from people on the platform.

In the simplest version of the scam, which has reportedly flourished over the past several months, all a hacker needs to do is gain access to one person’s Facebook account. Then they spam that person’s friends with requests for money.

“The hacker will first get into the compromised Facebook account and ask 5-6 of ‘his’ friends to see who is willing to send them money,” wrote Bernard Meyer in CyberNews. “The hacker asks this person to receive money in their PayPal account, then send the same amount to the hacker’s bank account.”

According to researchers, it is startlingly easy to slip past Facebook’s authentication security measures. (They didn’t reveal exactly how they did it for fear of making it easier for future scammers.) However, the security team did say that it was unable to access Facebook accounts that had Google Authenticator added to them. So, if you want to protect your account from similar malicious activity like this, it might be worth turning to a tech company other than Facebook to protect you.

Recommended Resources

The Choice of Tech Experts Worldwide. Try 90 days free of Bitdefender and experience the highest level of digital safety.

Surf the web truly incognito. Try Bitdefender Premium VPN, the ultra-fast VPN that keeps your online identity and activities safe from hackers, ISPs and snoops.

System Mechanic 14 – Make your computer run like new. Winner of 200+ Editor’s Choice awards!