Jake Brill, a project manager for the site integrity team at the social networking site, claimed that one of the biggest challenges it faces is helping people whose accounts have been compromised by spammers to understand how it happened and how to fix the problem.
Brill said: “The vast majority of people who use Facebook have never experienced a security problem. For the small number who do, knowing how to fight back is key. It can be an embarrassing experience to log in to Facebook to find that unauthorised messages have been sent from your account and then face questions from friends who have received spam from you.”
He further claimed that improvements are underway to guide people through the process of regaining access to their account after it has been compromised and used to send spam. Facebook currently sends emails explaining what has happened and provides links to remedy the situation.
It is now moving towards a new model that also involves clear and simple steps taken within Facebook itself. As part of these steps, when a notification email is sent to a compromised user, a page explaining what happened will be included, likely informing the user that their account has been compromised by a phishing attack.
A verification process will ensure that the user is the legitimate owner of the account in question. This will be followed by a new, secure password, and the user will be referred to the Facebook security page, which includes helpful tips and information on how to be safe on Facebook and across the internet.
Brill said: “This new change will help us not only fight spam, but also spread the word about security on Facebook. In the coming months, we'll be rolling out similar processes to address the different threats people may face. Our teams are working hard to make sure you never experience a security issue on Facebook, and in the rare case that you do, we're committed to making the process of regaining control of your account easy and informative.”