Skip to main content

Recommendations to mitigate Facebook flaw in "view as" feature

This advisory provides information about how to protect yourself to minimise the risk of further breaches caused by attackers exploiting the flaw in the 'View As' feature on Facebook.

What you should do

Facebook recommend users who are having issues logging in should visit the Help Centre page. And users who want to log out of Facebook accounts should visit the "security and Login" section in the settings. 

For further information, see Facebook's Security Statement.

How to protect yourself

The ACSC has a number of preventative measures Australians can take if they are the target of a phishing scam:

  • Change any passwords you have revealed.

  • Inform the organisation the scammer pretended to be from.

  • If you've sent money or personal banking details to a scammer contact your bank immediately. Most big banks will cover any loss if someone makes an unauthorised transaction on your account, as long as you have protected your client number and passwords.

  • IDCare is Australia and New Zealand's national identity and cyber support service and is available on 1300 432 273 if you believe your personal information has been put at risk.

  • Report scams to the Australian Competition and Consumer Commission's Scamwatch. Include as much information as possible about the scam message in your report (e.g. the email itself, or a screenshot).

  • If the phishing has led to a crime, file a report with ReportCyber.

More information

Visit cyber.gov.au to learn more about cyber security, including common threat types and understanding how passwords can be your first line of defence.

To report a cyber incident or threat, visit ReportCyber.

Visit the OAIC website for further information on the incident.