Facebook Security Response

.storyAd{display:none;} Security is a top priority for Facebook, and we devote significant resources to helping people protect their accounts and information.

We’ve built numerous defenses to combat phishing and malware, including complex automated systems that work behind the scenes to detect and flag Facebook accounts that are likely to be compromised (based on anomalous activity like lots of messages sent in a short period of time, or messages with links that are known to be bad). Once we detect a phony message, we delete all instances of it across the site. We also block malicious links from being shared and work with third parties to get phishing and malware sites added to browser blacklists or taken down completely. Users who’ve been affected are put through a remediation process so they can reset their password and take other necessary steps to secure their accounts. You can read more about this in our blog post here: http://blog.facebook.com/blog.php?post=107720572130.

We're constantly innovating on security just as we are on the products that help people share and connect. Recently, we launched a new feature to give people greater control over their logins by allowing them to approve those devices they use to access Facebook and then be notified immediately if their account is ever accessed from a device that hasn't been approved (http://blog.facebook.com/blog.php?post=389991097130).

We also regularly work with others across the industry to identify and respond to potential threats. As an example, on the malware front, we’ve worked with Microsoft to push a solution to the Koobface virus through Windows Update (http://blog.facebook.com/blog.php?post=68886667130). We’ve also worked with McAfee to integrate a unique Scan and Repair tool into our own remediation process for compromised accounts and to offer all 500 million people who use Facebook a complimentary subscription to McAfee security software (http://blog.facebook.com/blog.php?post=248766257130).

Security is an arms race, and our teams are always working to identify the next threat and build defenses for it. Most of these defenses are invisible to users, and while malicious actors are constantly attacking the site, what you see is actually a very small percentage of what’s attempted.

To combat these threats, we need people to practice safe behavior. We work hard to educate people on how to be safe through our blog and the Facebook (http://www.facebook.com/facebook) and Facebook Security (http://www.facebook.com/security) Pages. We regularly update the Facebook Security Page and the over 2.4 million people who have liked it with tips and information about new threats. We also work with outside experts on education initiatives.

Fred Wolens, Facebook Public Policy