Facebook today announced “Trusted Contacts,” an update to its “Trusted Friends” security feature that sends access codes to a few of a user’s close friends in order to help the person regain access to their account when needed.

Users will now be able to designate their Trusted Contacts in advance and change them if necessary through the Security Settings dashboard. Previously, users only encountered this feature when they were having trouble with their account. This meant that many users were unfamiliar with it. By making Trusted Contacts part of a user’s main settings, more people might understand what it is before they have a problem — or before they are called upon as a Trusted Contact themselves. This will help users be able to use the feature more effectively.

Facebook says it has also improved the flow for people who are their friend’s Trusted Contacts, giving them more information throughout the process of helping someone get back into the account. They’ll also be notified when they are selected, another way to help people understand the feature in advance. Some users are often wary of unfamiliar Facebook features, suspecting they might be part of a scam. We’ve heard from users who didn’t initially trust Facebook’s Offers or Gifts products because they thought they were third-party spam. Something like Trusted Friends with access codes to let another user log into their account might have seemed too suspicious to some. The changes today could help avoid that.

(more…)

Some Facebook users have fallen victim to a new phishing scam, which takes over a user’s Facebook account, Liking pages and posting links on their behalf, according to PC World.

The scam reportedly begins with an email that prompts users to download a new “business” version of Adobe Flash Player. Users who click on the spam link are taken to the Chrome Web Store to download a browser extension. After users download the extension, the malware will check to see if a user is logged into Facebook, and if so, it will use a script to control the account.
(more…)

Facebook today detailed a malware attack that occurred last month, but which has been remediated and reportedly did not result in any user data being compromised.

Facebook says the attack originated when some employees visited a mobile developer website that had been compromised and led malware to be installed on the employees’ laptops. After the company’s security team identified the malicious file, it flagged other infected laptops and removed the malware. Facebook says it informed law enforcement and is continuing an investigation along with others who were attacked. The company did not name other companies who were infiltrated this way, but it says it was not alone.

Facebook says it has “found no evidence” that user data was compromised. According to Ars Technica, which spoke to Facebook Chief Security Officer Joe Sullivan, the attackers gained “some limited visibility” into Facebook’s production systems as well as some corporate data, email and software code from the laptops themselves, but this did not lead to any extraction of user information.
(more…)

Facebook added 27 new positions to its careers page this week, including a number of openings on the security, engineering, finance, marketing and sales teams.

The company added a listings for a security program manager, a security operations center manager and a safety and security engineer.

Other noteworthy jobs include a vertical client partner focused on fast-moving consumer goods, a manager of ecosystem measurement and a presentation designer for the business marketing team.

New listings added to Facebook’s careers page:

• Safety and Security Engineer (New York)
• Finance Manager (São Paulo)
• FP&A, Sr. Financial Analyst – G&A (Menlo Park)
• IT Field Manager – APAC (Singapore)
• Legal Compliance Operations Specialist (Menlo Park)
• Manager, Global Law Enforcement Response Team (Menlo Park)
• Executive Protection Specialist (Menlo Park)
• Security Operations Center Manager (Menlo Park)
• Security Program Manager (Menlo Park)
• Software Engineer, Internal Tools (Menlo Park)
• HR Specialist, APAC (Singapore)
• Business Recruiter (Menlo Park)
• Recruitment Coordinator (1 year fixed term contract) (Dublin)
• Recruiter (Tokyo)
• Technical Program Manager, Network Engineering (Menlo Park)
• Manager, Marketing Communications Industry Relations (Contract) (Singapore)
• Presentation Designer, Business Marketing (Menlo Park)
• SMB Associate, Marketing Communications (Menlo Park)
• Small and Medium Business Growth Associate – Spanish Speaker (São Paulo)
• Small Business Analyst (Sao Paulo) (São Paulo)
• Vertical Client Partner – FMCG (London) (London)
• Account Manager Brazil (São Paulo)
• Account Manager Brazil (São Paulo)
• Client Partner e-commerce, Japan (Singapore) (Singapore – Tokyo)
• Client Partner e-commerce, Korea (Singapore) (Seoul – Singapore)
• Client Partner (Toronto)
• Manager, Ecosystem Measurement (Menlo Park)

Who else is hiring? The Inside Network Job Board presents a survey of current openings at leading companies in the industry.

Some users see option to message Zuckerberg for $100 - As part of Facebook’s paid message test, some users are seeing an option to send a message to CEO Mark Zuckerberg’s inbox for $100. When Facebook began the paid message test, the company said it would charge $1 to have messages rerouted from a user’s Other folder to the main inbox, but that it would also try higher price points for public figures and celebrities. As for the $100-price tag for Zuckerberg, Facebook told Mashable, “We are testing some extreme price points to see what works to filter spam.” Image via Mashable. 

Facebook issues grants to local nonprofits – Facebook has given $200,000 in grants to 42 nonprofits in Menlo Park and East Palo Alto, according to the Mercury News. The donations are part of a deal with the city of Menlo Park that gives Facebook permission to expand its headquarters there. The grants range from $2,500 to $5,000 and support causes including youth programs, food distribution, small business aid and clothes for homeless kids.

Facebook solves password security flaw – Facebook has fixed an issue that would have allowed someone to change a user’s password without the user’s knowledge, according to researcher Sow Ching Shiong who discovered the security flaw. Previously, someone could visit Facebook.com/hacked on a logged in account and reset the password without being asked for the original password. Since the discovery, Facebook asks users to verify their password before proceeding.

Facebook customer satisfaction worse than any other social network - Facebook scored the lowest out of any social networks in the latest American Customer Satisfaction Index ratings. Facebook’s score of 61 put it last among social networks and third worst of all companies in the index. Facebook’s score is tied with that of cable and internet provider Comcast. Google+ and Wikipedia came in first among social networks with a score of 78. The ACSI ratings are based on customer surveys.

A new scam targeting Facebook page owners uses Facebook messages and a fake verification page to obtain user logins and passwords.

The phishing scam begins with a Facebook message from a “Security Team” profile that uses Facebook’s security logo. The message tells admins that their page is in violation of terms of service and threatens to permanently suspend the user’s account. Then it offers users the option to “verify” their account if they believe the situation is a mistake. Users are taken to a link where they are asked to provide their page name, email address or phone number, and password.

A few signs would help page owners recognize this message as phishing. First, the social network’s official page about security is called “Facebook Security” not “Security Team.” Clicking the profile which sent the message would reveal that the page was not legitimate.

More tellingly, the message links to the following web address: apps.facebook.com/PageSecurityTeam. URLs that begin with “apps.facebook” are third-party applications. Facebook would likely use a URL that begins with “facebook.com.” Users should be careful entering their information into fields within page tabs, apps.facebook.com canvas pages, and off-Facebook.com websites.

This scam was first reported by Facecrooks, which points out scams like these and offers recommendations for how users can protect their information.

Images via Facecrooks

Facebook notifies class action suit members about settlement – Facebook began sending proposed settlement notices to users it believes are members of a class action lawsuit that entitles them to up to $10 in compensation. The suit, which claimed Facebook unlawfully used members’ names and photos in Sponsored Story advertisements, resulted in a $20-million settlement, which was granted preliminary approval last month. Now Facebook is emailing class members to let them know they can file a claim and receive up to $10 depending on how many claims are made and other factors. A fairness hearing over the matter will be held on June 28. Users can find more information on the Fraley Facebook Settlement website.

Privacy flaw disrupts New Year’s Midnight Delivery service – Before New Year’s Eve, Facebook created an application for users to write messages that would be delivered at midnight on the holiday. A business IT student found a security flaw that allowed anyone to see other users’ messages by manipulating the ID number of the confirmation page URL. It was even possible to delete other users’ messages until Facebook took down the page and fixed the loophole. However, the service still suffered from some issues. We found that messages that were supposed to be sent at the stroke of midnight were not actually delivered until hours later.

Chinese RTB platform accesses FBX – Chinese real-time bidding platform iPinYou can now access Facebook Exchange inventory, according to China Daily. iPinYou says there are a large number of Chinese advertisers that want to reach an international audience through Facebook, such as exporters and travel companies. Facebook is blocked in China by the government, though an estimated 63.5 million Chinese users are getting around the ban by using proxy servers.
(more…)

Facebook works with FBI to take down cyber-criminals – Facebook helped the Federal Bureau of Investigation bring down a cyber-criminal ring responsible for infecting more than 11 million computers with “Yahos” malware and causing more than $850 million in losses. The social network helped identify the criminals and affected accounts, leading the FBI and international law enforcement agencies to arrest 10 people involved with the crimes between 2010 and 2012.

Android SDK out of beta – Facebook this week brought the Facebook SDK 3.0 for Android out of beta. The SDK helps developers build social Android apps by providing native UI controls, simplifying session management and improving API support. Facebook says the beta SDK was downloaded more than 80,000 times in six weeks.

Nimble launches CRM app for HootSuite

Nimble this week announced a strategic partnership with HootSuite to help users manage their business network and track social conversations. Nimble combines users’ business contacts, emails, social communications and calendar activities into a single social contact manager. The Nimble app for HootSuite allows users to view their Nimble contacts in HootSuite, add new contacts and more. They can view contact information and a complete conversation history, along with follow-up tasks and other notes.

Instagram to take steps against spam – Instagram let users know late last week that the company is working to reduce spam on the service. “There’s no quick fix, but we have a team of engineers working every day to tackle the issue and we hope you’ll notice their improvements,” the company wrote in a post on Instagram. The company also encouraged users to continue to report the spam they see in comments on photos.

RTB companies await FBX certification – Real-time bidding providers [x+1], Optimal and Kenshoo are still waiting for official approval to be considered partners in the Facebook Exchange, AdExchanger reports. The companies have been providing FBX services either through an integration with AppNexus or another company, or have been allowed early access as they await evaluation from Facebook. After final approval, they’ll be added to the new PMD Center, which includes a section for FBX partners.

Facebook updates Android app – Facebook released an update for its native Android app Thursday, including improvements for photo sharing. Photo tagging is faster and users can now choose an album for their uploads. The app also fixes an upload bug that affected some users.

Facebook takes steps against bullying – Facebook launched a bullying prevention page in its Family Safety Center on Thursday as part of National Bullying Awareness Month. The page includes resources like a support dashboard to help users follow up on problem posts, a video describing how to use social resolution tools, a video featuring successful stories from communities fighting back against bullies and links encouraging members to take the Stop Bullying: Speak Up pledge. Facebook also partnered with the Ad Council to raise awareness of the issue of bullying through a new PSA.

Facebook partners with more anti-virus companies -Facebook this week announced the expansion of its AV Marketplace to include 7 new partners offering free anti-virus software for Facebook users: avast!, AVG, Avira, Kaspersky, Panda, Total Defense and Webroot. Existing partners Microsoft, McAfee, Norton, TrendMicro and Sophos will begin offering anti-virus software for users’ mobile devices.

Facebook names World Hack winners – Facebook announced the grand prize winners of its Facebook Developer World Hack this week: Paperclip.io from Taipei, Chained Story from Buenos Aires, and BoostMate from Moscow. The teams have won a trip to Facebook headquarters in Menlo Park, where they will meet with members of the Facebook engineering team. The Facebook Developer World Hack included events in Austin, Mexico City, Buenos Aires, Sao Paulo, Taipei, Berlin, Jakarta, Bangalore, Barcelona, Vancouver, Warsaw and Moscow. The company hosted more than 2,000 developers ans saw more than 330 demos of social products.

Facebook PAC gives more to Republicans; employees give to Democrats – Facebook’s political action committee has given $140,000 to Republican congressional candidates and $127,000 to Democrats through the end of September, according to a CNNMoney review of federal records released Monday.  However, donations from the company’s employees have totaled $116,300 for Democrats and $53,700 for Republicans, according to the Center for Responsive Politics. Facebook COO Sheryl Sandberg has given $30,800 to the Democratic National Committee and $5,000 to President Obama, and dozens of smaller contributions to congressional Democrats. Facebook’s PAC did not make any donations to presidential candidates.

Facebook opens London engineering office – Facebook opened its first international engineering office in London on Tuesday. Philip Su, who previously led on Facebook’s Skype integration, is reportedly heading up the team there. London engineers will work on a “range” of products including Facebook’s platform and mobile products. Facebook already has a London sales team working with local agencies on social marketing services.

Stock rebounds slightly – Facebook shares closed at $18.98 today, up after an all-time low earlier this week when the stock traded at $17.59 mid-day Tuesday. The company this week decided not to make a secondary offering, which would have put more shares on the market and likely hurt the price even further. CEO Mark Zuckerberg indicated that he would not sell any of his shares for at least a year, and board members Marc Andreessen and Donald Graham say they will only sell what they need to in order to cover taxes, which some on Wall Street took as a sign of confidence. Facebook also officially closed its deal to acquire Instagram this week.

Facebook says no plans for China expansion - Facebook’s North Asia Director Jayne Leung told conference attendees in Hong Kong that the social network has no plans to expand to China, where it is currently blocked by the government. China has an estimated 538 million Internet users among its total population of more than 1.3 billion, but Facebook faces many legal hurdles in the area. Renren and Sina are approved social networks that dominate the country.

Facebook lags behind Twitter mobile revenues for now – Twitter will earn more U.S. mobile advertising revenue this year than Facebook, according to eMarketer, which projects $129.7 million for Twitter and $72.7 million for Facebook. The company did not estimate non-U.S. revenue. Although Facebook has a much larger advertising business on the web, its mobile offering is far newer and less developed. However, eMarketer expects Facebook to grow significantly in mobile, possibly reaching $629.4 million in revenue by 2014, compared to an estimated $444.1 million for Twitter at that time.

Big Break for Small Businesses winners announced - Casale Jewelers (Staten Island, NY), Dick Pond Athletics (Chicago, IL), Dutch Monkey Doughnuts. (Cumming, GA), Hendrick Boards (Orange County, CA) and The Produce Box (Raleigh, NC) were the five winners of the second annual Big Break for Small Business put on by Facebook and American Express. Winners will receive a one-on-one marketing and strategy session with American Express OPEN and Facebook marketing experts, along with $25,000 in cash.

New tool helps users understand Facebook apps they add – Privacy protection company secure.me this week launched App Advisor to protect Facebook users from apps that collect their information and gain permission to take actions on their behalf.  The tool uses information from an analysis of 50 million Facebook users and more than 500,000 apps to provide transparency about how these apps operate after being connected with users’ accounts.