I’ve got to admit, I’m pretty quick to get on Facebook’s back when it comes to privacy and web security, so I think they deserve the same coverage when they do something helpful and sensible in this area. One of my pet peeves when I log on to Facebook is seeing all of the links and videos that my friends have posted which they clearly wouldn’t have intentionally done – a married friend of mine in his 40s posting something like “OMGZ!!! Check out these photos a girl uploaded that got her fired! LOOOOLL!!” for example.
These sort of spam attacks that encourage people to click on a links because they believe it to be from a trusted source – their friends – are common on Facebook due to the fact that there is a huge captive audience with a high frequency of sharing activity, so it’s an ideal way to spread malware and cause other nuisances. But now Facebook have teamed up with Websense to add a phishing safety net.
This new addition means that Facebook’s protection of its users from external sites is powered by Websense’s “Threatseeker Cloud”, allowing harmful URLs to be blocked in realtime, even before they are added to the database of known malicious URLs. If a user clicks on a link that is believed to present a threat, they will first go to a ‘holding page’, where they are warned of the potential dangers, before being given the choice to return to the page that they were previously viewing, or alternatively that can proceed to the intended page, but very much at their own risk.
It is hoped that this new measure will help bring down the amount of users who are inadvertently handing over personal information to third-parties and scam artists as a result of being the victim of a phishing attack carried out through Facebook. In the past, many users have actually had their accounts hi-jacked and had to rebuild a Facebook profile after clicking on links supposedly posted by friends.