The Tech Herald

Facebook implements malicious link-scanning service

by Steve Ragan - Oct 3 2011, 15:36

Websense, along with social networking giant Facebook, announced a plan on Monday that will protect users from malicious links posted to their walls and news feeds. The new security feature is part of an integration partnership that relies on Websense’s cloud-based classification engine.

Starting today, Facebook users might notice the warning pictured below as they follow links posted to their news feeds. If a link is known to Websense as malicious, the warning will alert the user and advise them to skip it. Moreover, this same warning also offers a chance to continue and assume associated risk, return to the previous place on the news feed, or obtain additional information.

 

 

Implementing Websense’s ACE (Advanced Classification Engine) on the backend, Facebook is looking to alert users to potentially harmful destinations.

ACE is a real-time analysis engine that lives in the ThreatSeeker Cloud. Over the years, Websense has refined its detection and mitigation abilities, which are leveraged by this technology. It’s the same SaaS (Software as a Service) offering that powers the TRITON security platform used by several enterprises across the globe.

The image below shows how ACE works, as it sits on Facebook's backend.

 

 

The move is sure to cut down on some of the more obvious problems related to Web-based attacks, such as links pointing to known exploit sites. Still, it is unknown if this new step will protect users from falling victim to scams, like the ones looking for survey participants with catchy and often hyped headlines or content.

Example: "You won’t believe what this woman did to her baby! She should be arrested. Video here: hxxp://www.[redacted].com"

This is because such sites have to be classified by ACE before they are blocked. While ACE is quick on the uptake, we here at The Tech Herald don't think this will end the world of Facebook scams any time soon.

However, it will help some corporate users when it comes to mixing business with social pleasure. According to a study from Ponemon, 63 percent of organizations surveyed agreed that social media use by employees places the business at risk of infection and other security-related issues. Oddly enough, only 30 percent had some sort of AUP or other controls in place to address such factors.

Automatic notifications, combined with a policy or general rule to skip links that are flagged, could go a long way to offering some basic protection to business users. Yet, this line of thought can only be tested over time.

Home users are better off avoiding the flagged links, unless they are willing to assume the risk or are positive the link is legitimate. In many cases, and we know we're stating the obvious, it is better to be safe than sorry.

Around the Web

Comment on this Story

comments powered by Disqus

From Autosaur.com

New Mercedes-Benz S63 AMG 4MATIC Coupe (Pictures)

Mercedes have revealed details and pictures of their new S63 AMG 4MATIC Coupe — and it’s a b...

Shelby GT350 Mustang Pictures

We have added a bunch of pictures of the all-new Shelby GT350 Mustang from Ford. The ne...

All-new Shelby GT350 Mustang

Ford have revealed details of the new Shelby GT350 Mustang. First introduced in 1965 the new...

Best Cars To Buy In 2015

Leading vehicle research company Kelley Blue Book has released its list of the best cars to ...

A.C. Milan Take On Audi R8

Five A.C. Milan stars take on an Audi R8 in a game of street soccer in a new ad for Toyo Tir...