The Facebook Blog
We take spam prevention seriously here at Facebook, but unfortunately, there is spam on the site. As an example, you may have seen Wall posts advertising free ringtones among other spam, as well as a more malicious form of spam called "Phishing". These two trends are related, and here's why:
Phishing is a method to trick Internet users into visiting fraudulent websites. Phishing websites are designed to look like the login page of popular websites. Because they look real, people log in, accidentally giving criminals access to user accounts. These can then send spam messages to perpetuate the phishing websites and promote services or products. When a phished account is used by a spammer, more Wall posts that are spam or links to phishing sites are sent out, and the cycle continues.
Wall posts that result from this will look out of place; they either advertise products or ask to log you in to Facebook from another site when clicked. If either case is true, keep in mind that it might be spam or a phishing attempt. We wanted to spend some time giving you tips to help you protect your own account, as well as your friends' accounts.
If you think you've been phished or find a phishing site,
Phishing is nothing new, so on our end, we're hard at work developing solutions to make Facebook more resilient to phishing. You may see more changes to Facebook designed to protect your privacy against phishing attacks in the future. If there's anything left unanswered, check out our Security Center.
Ryan works on the site security team and is a dodgeball ninja.
Phishing is a method to trick Internet users into visiting fraudulent websites. Phishing websites are designed to look like the login page of popular websites. Because they look real, people log in, accidentally giving criminals access to user accounts. These can then send spam messages to perpetuate the phishing websites and promote services or products. When a phished account is used by a spammer, more Wall posts that are spam or links to phishing sites are sent out, and the cycle continues.
Wall posts that result from this will look out of place; they either advertise products or ask to log you in to Facebook from another site when clicked. If either case is true, keep in mind that it might be spam or a phishing attempt. We wanted to spend some time giving you tips to help you protect your own account, as well as your friends' accounts.
Remember, Facebook will never ask for your password in an email, Facebook message, or any medium that isn't the login page. Though you will need to re-enter your password when you set a security question, change your contact email, or send a virtual gift. Be extra aware of weird Wall posts. Don't click on any links—on a Wall or elsewhere—if you don't know where they go. Set a security question for yourself on your Account page. If somehow something malicious shuts you out of your account, you will need the answer to that question in order for our User Operations team to let you back in. (If you've already set your security question, you won't see a prompt for it on your Account page.) Be extra aware of what website you are using to log in to Facebook (and other websites). Phishing websites can be made to look like other websites (like the Facebook log in page), and might try to disguise their urls. Be smart: www.facebook.com.profile.a
If you think you've been phished or find a phishing site,
Reset your password on your Account page. Report the issue to Facebook here. Submit phishing sites here and here.
Phishing is nothing new, so on our end, we're hard at work developing solutions to make Facebook more resilient to phishing. You may see more changes to Facebook designed to protect your privacy against phishing attacks in the future. If there's anything left unanswered, check out our Security Center.
Ryan works on the site security team and is a dodgeball ninja.
To post a comment, you must be logged in. To register for Facebook, click here.
Archived Posts by Date
Archived Posts by Blogger
Aditya Agarwal (2)
Alexandre Roche (1)
Ari Steinberg (2)
Blair Heuer (1)
Bob Trahan (2)
Brian Shire (1)
Carolyn Abram (11)
Chad Little (1)
Chris Hughes (2)
Chris Kelly (1)
Chris Putnam (1)
Christopher Cox (1)
Dave Fetterman (1)
Dave Morin (1)
Doug Beaver (1)
Dustin Moskovitz (1)
Ezra Callahan (8)
Florin Ratiu (1)
Harry Huai Wang (1)
James Wang (2)
Jason Sobel (1)
Joe Hewitt (2)
Joel Seligstein (1)
Jon Warman (2)
Josh Wiseman (2)
Julie Zhuo (1)
Kate Losse (2)
Katie Geminder (6)
Kevin Der (1)
Leah Pearlman (3)
Luke Shepard (1)
Mark Slee (6)
Mark Zuckerberg (4)
Matt Cahill (1)
Naomi Gleit (2)
Natalie Minor (1)
Nico Vera (3)
Paul C. Jeffries (1)
Paul Janzer (1)
Peter X. Deng (1)
Philip Fung (2)
Prashant Malik (1)
Randi Zuckerberg (1)
Roddy Lindsay (1)
Ruchi Sanghvi (1)
Ryan McGeehan (2)
Steven Grimm (1)
Tom Whitnah (3)
Victor Valdez (1)
Wayne Chang (2)
Will Chen (1)
Yishan Wong (1)
