An alleged cybercrime ring said to be responsible for losses of $850m (£530m) looks to have been foiled by the FBI - by using Facebook.
In a statement, the US authority said 10 suspects had been arrested globally, including from the UK and US.
Facebook users were targeted over two years beginning in October 2010.
A gang was said to be using a botnet to steal credit card, bank account and other personal identifiable information from victims.
Facebook worked with authorities to reveal the alleged source of the attacks, as well as identifying which users may have been hit.
Other suspects were arrested in Bosnia and Herzegovina, Croatia, Macedonia, New Zealand and Peru.
A botnet is a network of computers that have been infected by a virus that allows a hi-tech criminal to use them remotely.
In this particular attack, 11 million computer systems were said to have been compromised by multiple variants of malicious software known as Yahos.
Cybersecurity teams from around the world were involved in the investigation, including the UK's Serious Organised Crime Agency (Soca).
In a statement, Soca said they had raided a property in Molesey, Surrey, on Tuesday morning.
A man was arrested on suspicion of offences under the Computer Misuse Act. He has been released on bail.
The world's largest social network is no stranger to instances of cybercrime.
Most common are so-called phishing attacks, attempts to trick users into divulging their personal details such as passwords or payment information.
Computer security experts have warned users to be careful over how much personal information they share on the service, and to consider carefully their privacy settings.
Facebook has also been used effectively to fight crime.
Scotland's Lothian and Borders Police trialled a scheme in 2011 to allow people to report criminals via the site, while in India, Delhi Traffic Police's Facebook page is a popular destination for angry motorists keen to upload evidence of dangerous driving.