TechRepublic reports that one million Facebook account credentials have been stolen in just four months by a Colombia-based threat actor who had leveraged a fraudulent Facebook login portal used to collect victims' credentials. PIXM researchers who examined the code of the fake landing page discovered that the page did not only reference the real server used for user credential collection but also included a link to a traffic monitoring application that revealed the attacker's traffic data, as well as other fraudulent landing pages. The report also showed that the links leveraged by the attacker also came from Facebook. "People often underestimate the value of their social media accounts, failing to enable [multi-factor authentication] and otherwise protect their accounts from cybercriminals. Unfortunately, when bad actors take over an account, it is often used to attack their own friends and family. Through the use of a real account that has been compromised, bad actors will use the trust inherent in a known connection to trick people into taking actions or risks they normally would not," said KnowBe4 Security Awareness Advocate Erich Kron.