Facebook Implements Free Browser-based AV for Users


Related Links

Related Stories

  • One Direction 'Free' Tickets Scam Heats Up Facebook
    Free Stones tickets? How about free One Direction tickets if you’re a little younger? A new Facebook bait-and-switch scam is spreading across friendship circles promising one or both; but users should file this one under 'too good to be true.'
  • Google, Facebook, Microsoft and Other Tech Giants to Fund Open Source Security Initiative
    In the aftermath of Heartbleed, Google, Facebook, Microsoft and other tech giants have come together to better fund OpenSSL and other open-source initiatives to give these projects a much-needed resource injection to keep up with the complexity involved in today's coding.
  • Facebook Builds its Own Threat Information Framework
    Keeping ahead of web-based threats requires a mechanism to continually search for new types of attacks while understanding existing ones. However, data fragmentation and threat complexity plagues efforts to keep track of all the data related to malware, phishing and other risks – differences in how threats are discussed, categorized or even named vary from platform to platform and vendor to vendor. Facebook is taking steps to solve the issue for itself with the release of ThreatData.
  • Naked Videos of Facebook Friends Turn Out to Be Trojans
    If Facebook promised you naked videos of your friends, would you click? As much as you may be tempted to find out why your former 8th-grade computer lab partner is sending you a racy video selfie, beware: it is, of course, a scam.
  • SEA Comes Close to Owning Facebook
    The Syrian Electronic Army (SEA) claimed yesterday that it had owned Facebook. It wasn't quite true in any meaningful way, but SEA came very close to being able to redirect millions of Facebook users to its own websites.

Top 5 Stories


Facebook Implements Free Browser-based AV for Users

21 May 2014

If a malware infection is suspected, Facebook will prompt the user to run a scanner from F-Secure or Trend Micro.

Facebook is taking action against the escalating number of social media exploits of personal and corporate accounts by offering a browser-based malware scanner as a free service.

The service, provided by F-Secure and Trend Micro, will be available to Facebook users whose accounts have been temporarily frozen due to suspicious activity caused by a potential malware infection.

Malware often targets Facebook users and their friends by masquerading as legitimate postings, and embedding malicious links. 

“Facebook’s dramatic global growth has significantly changed how people interact with their friends and family,” said Arto Saari, product manager at F-Secure, in a statement. “In turn, Facebook’s popularity has made it a major target for online criminals. We are pleased to partner with Facebook to stop cybercriminals from taking advantage of Facebook’s user base for malicious ends.”

When a user is logging in from an infected device and Facebook identifies an account behaving suspiciously, he or she will see a notification screen about the malware infection along with a recommendation to use either F-Secure’s scanner or Trend Micro's HouseCall product. The user can choose to skip the malware removal process or download the recommended software. Users who skip the malware removal step may be prompted again later.

Users who download and run the scanner can continue to use Facebook and other services during the scan. The malware scanning and cleanup technology is fully integrated into the Facebook user experience and is executed directly in the browser window, from within Facebook.

When the cleanup is complete, the user will receive a notification through Facebook and will be able to review the results of the scan and securely re-log into their Facebook account. The scanner is suited to the type of threat detected, so it’s recommended to run it even if the device already has an anti-virus program installed. It will also remove itself once done running.

Last week, a bait-and-switch campaign was discovered that draws victims in with a promise of hard-to-get tickets to One Direction or the Rolling Stones. 

Facebook has taken steps of late to beef up security, by implementing two-factor authentication and earlier this year launching a bespoke threat information network. Dubbed ThreatData, it’s a framework for collating information on internet threats that could impact the social network, for analysis by real-time defensive systems and longer-term examination. After Heartbleed in April, Facebook joined Google, Microsoft and other tech giants to better fund OpenSSL and other open-source initiatives to give these projects a much-needed resource injection to keep up with the complexity involved in today's coding.

“Helping people stay safe on Facebook is a hugely important part of what we do and we’re glad to be adding the strength of F-Secure’s anti-virus technology to our existing systems to block and eradicate malware,” said Chetan Gowda, software engineer at Facebook, in a blog post.

This article is featured in:
Industry News  •  Internet and Network Security  •  Malware and Hardware Security


Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×