Sep 5, 2012

Facebook Taps Sophos to Help Expand User Protection Against Malware

Facebook has added the data protection company Sophos to its list of partners working to make it easier for users to protect themselves from malicious links on the social networking site.
“For many hundreds of millions of people, Facebook has become the default forum for sharing and consuming opinions, news and personal content. Because content is typically posted by a trusted source--a friend--many users incorrectly assume links are safe. Scammers often take advantage of the trust relationship to fool users into clicking malicious links,” SophosLabs vice president Mark Harris said in a press release on Wednesday.
Facebook uses a database of known malicious links and a tool called a “link shim” to identify ones being shared on the site and warn users, but it’s up to users to decide whether they continue to the questionable site. In January, Facebook said it wanted to make sure links weren’t sending users to suspect Web sites. Starting Tuesday, Sophos began feeding information into this database, becoming Facebook’s latest partner in online security.
Sophos isn’t the first company Facebook has teamed up with to fight malicious links--Facebook also uses information from lists generated by McAfee, Google, Web of Trust, and Websense--but “it’s bringing broader coverage of the threat. Each of the security vendors has their own methods of researching and finding malicious content online. As a result of that, we each have databases of known malicious content,” said SophosLabs U.S. manager Richard Wang by phone earlier this month. Different companies use different technologies to discover new threats. “Bringing Sophos on board gives them that extra bit of protection,” he said.
“It’s useful to get extra protection to them since they’re obvious a huge target market for the hackers out there. Anyone would love to have a market of 800 million people and hackers are no different from any one else trying to make money,” Wang said.
On April 9, just days after the Sophos blog Naked Security published a post about a new vulnerability that would allow hackers to access app users' Facebook credentials, Facebook announced that it would it would be buying the photo sharing app maker Instagram for $1 billion. Instagram lets users share photos across multiple social networks using their respective logins. Facebook has since released a statement saying only jail broken devices are vulnerable.
Sophos anti-virus software can be downloaded for free from the Sophos Web site or Facebook page.