The popular social networking site Facebook successfully fought off an attack from a piece of malware yesterday, the second attack this week. Facebook, which claims 200 million users, said the phishing scam tricked users into clicking on a link in the messages inbox that took them to a false Facebook Website here cyber-criminals were able to access their login information.
The company said April 30 it was able to shut down the two malicious links at the core of the attack, fbstarter.com and fbaction.net. Facebook said it is also in the process of removing messages that refer to the link, which tricks users with the message "Look at this!" as well as resetting passwords for affected members. Wednesday's attack, a similar worm, directed users to the site BAction.net.
In the wake of the attacks, Facebook and brand protection firm MarkMonitor announced that Facebook is using MarkMonitor's AntiFraud Solutions to supplement Facebook's own in-house security efforts in protecting users against malware attacks. Facebook, which already uses MarkMonitor AntiFraud Solutions to help combat phishing attacks, is expanding its use of MarkMonitor to further protect Facebook and its users from ongoing malware attacks.
Facebook threat analyst Ryan McGeehan said the company's deep commitment to the safety of its millions of users requires a strong, proactive security strategy, best-of-breed technology and active engagement with industry leaders. "MarkMonitor demonstrated that it understood the complexity of the phishing issue we were facing so it was a natural next step for us to bolster our own security systems with their anti-malware solution," he said.
MarkMonitor officials said the company's breadth of data sources, fast site shutdowns, forensic reporting, preventative tools, and response network would enable Facebook to prevent, detect and respond to phishing and malware attacks. Security software specialist Panda Security provides detection and analysis of malware.
According to MarkMonitor, social networking powerhouses like Facebook are often prime targets for malware attacks due to the brand's strong appeal, which can be used to trick users into being infected and offers the ability to use the communication platform as a distribution channel.
Once infected, malware can cause havoc on a user's PC by deleting important files and creating general disruption to the user experience. Malware can also achieve nefarious purposes by residing silently on a system and capturing personal information such as usernames, passwords and social security numbers that can be used to perpetuate identity theft.
"The meteoric success of Facebook makes it a natural target for malware attacks that seek to capitalize on their trusted and recognizable brand," said MarkMonitor's Chief Marketing Officer Frederick Felman. "Our experience protecting Fortune 500 companies, as well as our close day-to-day interaction with Facebook's own dedicated security team, allows us to expertly address Facebook's concerns about malware and phishing, and to help protect their platform and their users from ongoing attacks."