Facebook is shoring up its security protection procedures as the social-networking site comes under attacks from spammers, data thieves and other tricksters, the company's chief privacy officer has said.
Facebook, which has about 100 million daily visitors and about 175 million registered users, has come under scrutiny over how it manages user data as well as how it lets users control who sees their own data. That aggregation of data, as well as high numbers of visitors, makes the site attractive to miscreants and cybercriminals.
"Obviously, we've become a very large target for people trying to hack the site, trying to spam people on the site," said Chris Kelly, who is also the company's head of global public policy, during a presentation at the E-crime Congress in London on Tuesday. "In those rare occasions where these attempts get through, we learn very quickly."
Facebook has an automated system in place that's designed to either stop or eliminate fake profiles, one of the weaknesses of social networks. It looks for odd behaviour, such as having lots of friend requests rejected or too many searches conducted in a short period of time, which can indicate the use of scripts or a bot, Kelly said.
Chat messages and wall posts are also analysed to see if they contain links to bad websites or are posted across a high number of profiles.
Facebook takes down thousands of fake accounts per week, some designed to spam people or perpetrate fraud, Kelly said. The site also heavily relies on its users to report fake profiles, an additional mechanism that the company calls "community verification."
Additionally, Facebook has two security teams - one in California and one in Dublin - that will review reports of nudity, pornography or harassment within 24 hours and other email complaints within three days, since those requests are often more complex, Kelly said.
As far as upcoming features, the company plans to integrate more granular controls over how users can share data with friends, Kelly said. "You'll see this get more extensive over time rather than less," he said. That will allow users to carefully parse what groups of friends they want to share information with.
Still, if users really do not want anyone else to see a bit of information, they should not put it on Facebook at all, Kelly said.
"If you want something to stay truly secret, Facebook is not the site for you," Kelly said.