IPhone and Android users are being told to delete specific apps from their mobile phones because they could potentially steal their data.
The dangerous apps have managed to get onto the App Store and Play Store by disguising themselves as popular services such as photo editors, mobile games and VPN services.
However, Facebook has put out an alert after discovering a data hack related to more than 400 apps.
The social media giant says it has found specific apps that appear to have been stealing private logins from smartphone users.
Furthermore, these apps were listed on the official Google Play Store and Apple App Store marketplaces, which means they could have been installed on thousands of devices.
Facebook says it has found more than 400 "malicious" Android and iOS apps this year "designed to steal Facebook login information and compromise people's accounts".
You can find the full list of "malicious" apps here.
Once the apps are installed it tries to access private data by suggesting users need to sign in, via their Facebook account, to gain access to features.
In a post on its newsroom, Facebook wrote : "When a person installs the malicious app, it may ask them to 'Login With Facebook' before they are able to use its promised features.
"If they enter their credentials, the malware steals their username and password."
Apple and Google have already removed the offending apps but they can still be found on third-party marketplaces and anyone who has already downloaded them could still be targeted.
The social media giant wrote: "We identified more than 400 malicious Android and iOS apps this year that target people across the internet to steal their Facebook login information.
"We reported our findings to Apple and Google and are helping potentially impacted people to learn more about how to stay safe and secure their accounts."
Advising people on how to stay safe, Facebook recommended users take the following steps:
Reset and create new strong passwords. Never reuse your password across multiple websites.
Enable two-factor authentication, preferably using an Authenticator app, to add an extra security layer to your account.
Turn on log-in alerts so you’ll be notified if someone is trying to access your account.
Facebook also pinpointed some red flags that Android and iPhone users need to be aware of which can show an app is fake.
This includes requiring a user to log in with social media to use the app, and only functioning once this is done.
Facebook added that looking at the download count for an app, along with ratings and reviews can show whether an app can be trusted or not.