As if the past few weeks hadn’t been long enough for Facebook, the account of Facebook board member Jim Breyer was used May 9 to blast malicious links.
Sunday morning, some of Breyer’s roughly 2,300 Facebook friends received a Facebook message from his account that asked, “Would You Like a Facebook Phone Number?” and then presented a link to “see more details and RSVP.”
According to Facebook, this was a standard phishing attack, and the issue has been resolved.
“We take security very seriously and have devoted significant resources to helping our users protect their accounts,” a Facebook spokesperson said. “We’ve developed complex automated systems that detect and flag Facebook accounts that are likely to be compromised based on anomalous activity like lots of messages sent in a short period of time, or messages with links that are known to be bad … We also block malicious links from being shared and work with third parties to get phishing and malware sites added to browser blacklists or taken down completely.
“Users whose accounts have been compromised are put through a remediation process where they must take steps to resecure their account and learn security best practices,” the spokesperson added. “This is what happened with Mr. Breyer’s account.”
Facebook isn’t the only social network that has been dealing with security issues this past day or so. Researchers uncovered a bug on Twitter that could be used to force a user to follow someone. The bug allowed users to add followers by tweeting “accept” followed by the “@” sign and someone else’s user name. As it worked on solving the problem, Twitter temporarily displayed the number of people’s followers as zero, but that too appears to have been resolved.
“We identified and resolved a bug that permitted a user to ‘force’ other users to follow them,” Twitter acknowledged in a status update.