Every day, Facebook blocks users from clicking on 220 million malicious links and deals with 600,000 ‘compromised’ logins, the social network has revealed.
The service said it blocks up to 600,000 accounts on any given day to protect the site’s integrity. Put another way, .06 percent of the site’s 1 billion logins per day are “compromised”, Facebook said in the report.
The figures were released alongside the announcement of new security measures, including the ability to nominate Trusted Friends who can aid a user to regain access to their account.
“While Facebook does block (approximately) 600,000 logins per day, it is not that these Facebook accounts are compromised on Facebook, and certainly not that they’re ‘hacked’ as some have written,” Facebook said in a statement provided to eWeek Europe UK. “There may be compromised accounts that appear on Facebook, but more often than not they are compromised off of Facebook.”
The “compromised” logins refer to cases in which Facebook blocks a login attempt for whatever reason.
“Compromised in this sense refers to logins where we are not absolutely confident that the account’s true owner is accessing the account and we either preemptively or retroactively block access,” Facebook stated. “We are being preventative and helping make sure people secure their account even if they aren’t actually compromised on Facebook.”
Facebook said it scans 2 trillion link clicks per day and blocks 220 million attempts to click on malicious links. The company has 300 full-time staff focusing on security and safety, Facebook said in the report.
The figures underscore the seriousness of the security challenges facing Facebook, something for which the company is taking increasing criticism.
Graham Cluley, senior technology consultant at Sophos, wrote on the Naked Security blog that some of the new security features seemed “pointless”.
Even if the friends chosen in the Trusted Friends features are trustworthy, it seemed like a logical move for an attacker to change the trusted friends setting as soon as the account has been hacked.
“If a bad guy has taken over your Facebook and email account, isn’t it likely that he will also change who your trusted friends are at the same time? Wouldn’t that make the whole security measure kinda pointless?” Cluley wrote.
In April Sophos posted an open letter to Facebook taking it to task for its ongoing safety and privacy issues.
Sophos security experts outlined three steps Facebook should take to better protect its users and improve overall data security in a post on the company’s Naked Security blog. Facebook needs to enable privacy and HTTPS by default and start vetting applications that appear on the site, wrote Graham Cluley in the letter.
As part of its latest report Facebook highlighted that those measures are now underway. All logins now take place through an HTTP connection and IP addresses, user accounts and applications are now vetted, Facebook said in the report.
Thoma Bravo agrees to acquire Darktrace for $5.32 billion in cash, delivering some welcome news…
Customer adoption of AI services embedded in cloud services continues to deliver results for Microsoft,…
TikTok's 'secret source' algorithm is so core to ByteDance, it would rather shut down US…
After relocating from California to Texas in 2020, Oracle's Larry Ellison now reveals plan to…
Share price hit after Meta admits heavy AI spending plans, after posting strong first quarter…
For third time Google delays phase-out of third-party Chrome cookies after pushback from industry and…