Suddenly I started getting one of these users per day signing into my web app. Here is an example email: [email protected]
They only sign in with Facebook and do some minor activity. Not harmful, but quite annoying to be honest, they screw up my metrics.
Are they legit somehow? Is there any way to stop them?
I exclude any malicious activity https://www.whois.com/whois/tfbnw.net
Those seem to be a genuine internal Facebook QA team test.