Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo


Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

However, all this comes amid a drumbeat of reports about scams on the network. And Facebook’s own data suggest that large numbers of people are exposed to some scams over time—and that the site does experience 600,000 compromised logins daily. Each compromised login can mean a hacker or criminal might be sending attacks to a user’s contacts under his or her name.

These messages could be phishing schemes that try to trick people into revealing passwords for bank accounts or other services. Others could contain links that try to defraud users by flashing phony warnings of infection and prompting them to pay for phony antivirus software. These messages may include links to malicious sites that make attempts to download viruses to steal data or hijack the computer for cyber-attacks.

In the past year or two, Facebook and other websites have seen a rising number of malicious Web addresses that lead to attacks like these. So over the past year Facebook has enlisted two outside firms—Web of Trust and Websense—to help the site block known malicious links. The targets are gathered from security companies, law enforcement, and even actual users who report suspicious links.

The problem with this method is that there’s a time lag before many such links are detected. Often, they are further hidden by link-shortening services such as Earlier this year, the Web security firm Symantec reported that in 2010, malicious links made up two-thirds of all such short links on social networks. The company added that almost 90 percent of them had been clicked by users at least once.

Users are perceiving rising problems. In July, for example, the security firm Sophos reported that 81 percent of survey respondents saw Facebook as the “biggest risk” online—up from 60 percent in 2010.

In addition to the tweaks announced today, a remarkable real-time fight is escalating. Facebook actively looks for patterns of viral propagation and other behavior that seems malicious. Machine-learning algorithms update every 30 minutes to find and squelch the source of such attacks, says Stein.

5 comments. Share your thoughts »

Credit: Facebook

Tagged: Computing, Web, security, Facebook, hackers, phishing, identity theft

Reprints and Permissions | Send feedback to the editor

From the Archives


Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me