The Tech Herald

Facebook implements malicious link-scanning service

by Steve Ragan - Oct 3 2011, 15:36

Websense, along with social networking giant Facebook, announced a plan on Monday that will protect users from malicious links posted to their walls and news feeds. The new security feature is part of an integration partnership that relies on Websense’s cloud-based classification engine.

Starting today, Facebook users might notice the warning pictured below as they follow links posted to their news feeds. If a link is known to Websense as malicious, the warning will alert the user and advise them to skip it. Moreover, this same warning also offers a chance to continue and assume associated risk, return to the previous place on the news feed, or obtain additional information.

 

 

Implementing Websense’s ACE (Advanced Classification Engine) on the backend, Facebook is looking to alert users to potentially harmful destinations.

ACE is a real-time analysis engine that lives in the ThreatSeeker Cloud. Over the years, Websense has refined its detection and mitigation abilities, which are leveraged by this technology. It’s the same SaaS (Software as a Service) offering that powers the TRITON security platform used by several enterprises across the globe.

The image below shows how ACE works, as it sits on Facebook's backend.

 

 

The move is sure to cut down on some of the more obvious problems related to Web-based attacks, such as links pointing to known exploit sites. Still, it is unknown if this new step will protect users from falling victim to scams, like the ones looking for survey participants with catchy and often hyped headlines or content.

Example: "You won’t believe what this woman did to her baby! She should be arrested. Video here: hxxp://www.[redacted].com"

This is because such sites have to be classified by ACE before they are blocked. While ACE is quick on the uptake, we here at The Tech Herald don't think this will end the world of Facebook scams any time soon.

However, it will help some corporate users when it comes to mixing business with social pleasure. According to a study from Ponemon, 63 percent of organizations surveyed agreed that social media use by employees places the business at risk of infection and other security-related issues. Oddly enough, only 30 percent had some sort of AUP or other controls in place to address such factors.

Automatic notifications, combined with a policy or general rule to skip links that are flagged, could go a long way to offering some basic protection to business users. Yet, this line of thought can only be tested over time.

Home users are better off avoiding the flagged links, unless they are willing to assume the risk or are positive the link is legitimate. In many cases, and we know we're stating the obvious, it is better to be safe than sorry.

Around the Web

Comment on this Story

comments powered by Disqus

From Autosaur.com

Chevy Colorado And GMC Canyon Ship To Dealers

General Motors have started shipping their new 2015 Chevy Colorado and 2015 GMC Canyon to de...

Aston Martin Vanquish Carbon Edition Pictures

Aston Martin have revealed some properly moody pictures of their new black and white Vanquis...

Nissan GT-R NISMO Available in Gran Turismo 6

Nissan and Sony have added the new Nissan GT-R NISMO to the in-game dealerships in  Gra...

2015 Kia Soul EV Prices

Kia have announced prices for their all-new Kia Soul EV. The company says this is their firs...

Celebrity Photographer Uli Weber Lauches New Goodwood Revival Book

Celebrity and fashion photographer Uli Weber is to launch a new book at this year’s Goodwood...