BitDefender Warns Of Malware-laden Facebook Postings

Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved,

A security vendor is warning that Facebook users are still being exposed to malicious posts and threats

Security concerns have once again been expressed about Facebook, despite attempts by the social networking website to improve its security and privacy credentials.

This was underscored by recent analysis by BitDefender of thousands of people using its safego product. According to the company, 22.4 percent of safego users are exposed to malicious posts.

“Safego scans anything that it’s shown on your Facebook wall,” explained Catalin Cosoi, head of BitDefender’s online threats lab. “At this moment, the app has been installed by almost 17,000 Facebook users and we’ve so far scanned more than 30,000,000 wall posts. From these 17,000 users, we found that more than 20 percent had something interesting.”

Facebook Ban

“The threats we are talking about,” he explained, “are menaces that the user gets exposed to, like a link that you should not click or a third-party app that you should not install. Only a small percent of those threats were actually linking to malware. Most of the time, these are apps that will promise the user extra features, or different games, in order to convince you to install them. Once you do, they will post messages on your behalf (in order to continue spreading) and will have access to your personal information.”

With Facebook now at 500 million-plus users, many organisations have been faced with the prospect of designing policies to govern use of the site by employees. A recent poll by Webroot found that 50 percent of the 1,000 US and UK-based businesses surveyed blocked employees from accessing social networks from any computer owned computer.

“One in six of those we surveyed said a social networking site or Web 2.0 application was the source of an infection or attack, and over half of companies said their network was infected with spyware this year,” Gerhard Eschelbeck, CTO of Webroot, explained in a statement 15 November. “Every company needs to develop a policy for social networking use and should also deploy reliable web security services for ongoing protection against zero-day threats.”

Bans Doesn’t Work

A similar survey on the attitudes of small to midsized businesses (SMBs) towards social networks released by Panda Security in September found that nearly 57 percent of the 315 people surveyed work at a company with a social media governance policy in place. Eighty-one percent said there are employees to actively enforce those policies. Additionally, some 64 percent of respondents reported having formal training programs in place to educate employees on the risks and benefits of social media.

If businesses ban social networks, users would just go around the blocking, heading towards proxy websites or other methods, Cosoi said.

“By banning them, users might expose themselves and the corporate networks to threats that are far worse,” he said. “I think (Facebook) educating its users on threats and security would be a good start.”