Facebook should look introspectively and consider scanning for malware and suspicious links
Speaking on a Sophos webcast, senior technology consultant Graham Cluley claimed that it would be great if sites such as Facebook searched its site for content and scanned for malware.
Cluley said: “Anyone who goes to a compromised profile can click on a link that may send them to a malicious site. Compromised accounts are spreading messages and just like computers are compromised, so are social networking sites.”
He further claimed that more needs to be done to encourage knowledge of privacy settings and adoption of strong passwords, as ‘bad guys can take advantage of sites if passwords are not protected'.
Responding to a question posed by SC Magazine asking whether scanning by social networking sites was possible from a technical and data sensitivity perspective, Cluley said: “Facebook should be scanning for links and to see if they contain spam-like messages, this is nothing different from what web mail sites like Hotmail, Gmail and Yahoo are doing on messages sent from their sites.
“Facebook can also do it and make it part of their user terms and conditions, so if anyone doesn't like it they can go and use another site.”
Statistics from the Sophos Security Threat Report asked businesses about spam on social networking sites and 33 per cent said that they had been exposed to spam while a quarter had been phished on such websites.
Cluley said: “Social networking is here to stay whether we like it or not, if email and web were invented today we'd want to ban them too, but we can't shut them out as new generation of employees use them so you need to make sure that they use web filtering and don't click on suspicious links.
“The sites also need to be introspective and look at themselves being safer places, things like sensible use of passwords, scanning messages would be a good idea, there is much more that they can do.”