Facebook users have made it clear that they want more control over their privacy. The company’s investors said that repeatedly during Facebook’s first shareholders meeting, and the latest Android mobile app update shows that the site is working on more ways to get privacy controls in the users’ hands.
From the Android app, Facebook users can now change the privacy settings on any of their prior posts.
Previously, users could only control who sees posts they’re about to make from their Android app, but now people can go back to any post they’ve made and tweak the privacy settings.
A new scam going around Facebook recently begins with a message to page owners about a new “Fan Page Verification Program.” From there, users are prompted to share their Facebook email and password, which is part of a phishing scam.
Similar to another scam that targeted page admins in the past, the message purports to be from Facebook Security and is designed to trick users into sharing their Facebook login information. This latest scam, detailed by Hoax-Slayer, tells page owners that they qualify for a new security feature and must choose a 10-digit security code by May 30, otherwise their page could be suspended. The message includes a link to a site with form fields for their page URL, email address, password and a “transferring code” of their choice.
Page owners should beware of phishing attempts like these, remembering to never enter their Facebook password anywhere outside of Facebook.com and being careful about sharing any information in third-party apps and page tabs.
Facebook today announced “Trusted Contacts,” an update to its “Trusted Friends” security feature that sends access codes to a few of a user’s close friends in order to help the person regain access to their account when needed.
Users will now be able to designate their Trusted Contacts in advance and change them if necessary through the Security Settings dashboard. Previously, users only encountered this feature when they were having trouble with their account. This meant that many users were unfamiliar with it. By making Trusted Contacts part of a user’s main settings, more people might understand what it is before they have a problem — or before they are called upon as a Trusted Contact themselves. This will help users be able to use the feature more effectively.
Facebook says it has also improved the flow for people who are their friend’s Trusted Contacts, giving them more information throughout the process of helping someone get back into the account. They’ll also be notified when they are selected, another way to help people understand the feature in advance. Some users are often wary of unfamiliar Facebook features, suspecting they might be part of a scam. We’ve heard from users who didn’t initially trust Facebook’s Offers or Gifts products because they thought they were third-party spam. Something like Trusted Friends with access codes to let another user log into their account might have seemed too suspicious to some. The changes today could help avoid that.
Some Facebook users have fallen victim to a new phishing scam, which takes over a user’s Facebook account, Liking pages and posting links on their behalf, according to PC World.
The scam reportedly begins with an email that prompts users to download a new “business” version of Adobe Flash Player. Users who click on the spam link are taken to the Chrome Web Store to download a browser extension. After users download the extension, the malware will check to see if a user is logged into Facebook, and if so, it will use a script to control the account.
Facebook today detailed a malware attack that occurred last month, but which has been remediated and reportedly did not result in any user data being compromised.
Facebook says the attack originated when some employees visited a mobile developer website that had been compromised and led malware to be installed on the employees’ laptops. After the company’s security team identified the malicious file, it flagged other infected laptops and removed the malware. Facebook says it informed law enforcement and is continuing an investigation along with others who were attacked. The company did not name other companies who were infiltrated this way, but it says it was not alone.
Facebook says it has “found no evidence” that user data was compromised. According to Ars Technica, which spoke to Facebook Chief Security Officer Joe Sullivan, the attackers gained “some limited visibility” into Facebook’s production systems as well as some corporate data, email and software code from the laptops themselves, but this did not lead to any extraction of user information.
Facebook added 27 new positions to its careers page this week, including a number of openings on the security, engineering, finance, marketing and sales teams.
The company added a listings for a security program manager, a security operations center manager and a safety and security engineer.
Other noteworthy jobs include a vertical client partner focused on fast-moving consumer goods, a manager of ecosystem measurement and a presentation designer for the business marketing team.
New listings added to Facebook’s careers page:
- Safety and Security Engineer (New York)
- Finance Manager (São Paulo)
- FP&A, Sr. Financial Analyst – G&A (Menlo Park)
- IT Field Manager – APAC (Singapore)
- Legal Compliance Operations Specialist (Menlo Park)
- Manager, Global Law Enforcement Response Team (Menlo Park)
- Executive Protection Specialist (Menlo Park)
- Security Operations Center Manager (Menlo Park)
- Security Program Manager (Menlo Park)
- Software Engineer, Internal Tools (Menlo Park)
- HR Specialist, APAC (Singapore)
- Business Recruiter (Menlo Park)
- Recruitment Coordinator (1 year fixed term contract) (Dublin)
- Recruiter (Tokyo)
- Technical Program Manager, Network Engineering (Menlo Park)
- Manager, Marketing Communications Industry Relations (Contract) (Singapore)
- Presentation Designer, Business Marketing (Menlo Park)
- SMB Associate, Marketing Communications (Menlo Park)
- Small and Medium Business Growth Associate – Spanish Speaker (São Paulo)
- Small Business Analyst (Sao Paulo) (São Paulo)
- Vertical Client Partner – FMCG (London) (London)
- Account Manager Brazil (São Paulo)
- Account Manager Brazil (São Paulo)
- Client Partner e-commerce, Japan (Singapore) (Singapore – Tokyo)
- Client Partner e-commerce, Korea (Singapore) (Seoul – Singapore)
- Client Partner (Toronto)
- Manager, Ecosystem Measurement (Menlo Park)
Who else is hiring? The Inside Network Job Board presents a survey of current openings at leading companies in the industry.
Some users see option to message Zuckerberg for $100 - As part of Facebook’s paid message test, some users are seeing an option to send a message to CEO Mark Zuckerberg’s inbox for $100. When Facebook began the paid message test, the company said it would charge $1 to have messages rerouted from a user’s Other folder to the main inbox, but that it would also try higher price points for public figures and celebrities. As for the $100-price tag for Zuckerberg, Facebook told Mashable, “We are testing some extreme price points to see what works to filter spam.” Image via Mashable.
Facebook issues grants to local nonprofits – Facebook has given $200,000 in grants to 42 nonprofits in Menlo Park and East Palo Alto, according to the Mercury News. The donations are part of a deal with the city of Menlo Park that gives Facebook permission to expand its headquarters there. The grants range from $2,500 to $5,000 and support causes including youth programs, food distribution, small business aid and clothes for homeless kids.
Facebook solves password security flaw – Facebook has fixed an issue that would have allowed someone to change a user’s password without the user’s knowledge, according to researcher Sow Ching Shiong who discovered the security flaw. Previously, someone could visit Facebook.com/hacked on a logged in account and reset the password without being asked for the original password. Since the discovery, Facebook asks users to verify their password before proceeding.
Facebook customer satisfaction worse than any other social network - Facebook scored the lowest out of any social networks in the latest American Customer Satisfaction Index ratings. Facebook’s score of 61 put it last among social networks and third worst of all companies in the index. Facebook’s score is tied with that of cable and internet provider Comcast. Google+ and Wikipedia came in first among social networks with a score of 78. The ACSI ratings are based on customer surveys.
A new scam targeting Facebook page owners uses Facebook messages and a fake verification page to obtain user logins and passwords.
The phishing scam begins with a Facebook message from a “Security Team” profile that uses Facebook’s security logo. The message tells admins that their page is in violation of terms of service and threatens to permanently suspend the user’s account. Then it offers users the option to “verify” their account if they believe the situation is a mistake. Users are taken to a link where they are asked to provide their page name, email address or phone number, and password.
A few signs would help page owners recognize this message as phishing. First, the social network’s official page about security is called “Facebook Security” not “Security Team.” Clicking the profile which sent the message would reveal that the page was not legitimate.
More tellingly, the message links to the following web address: apps.facebook.com/PageSecurityTeam. URLs that begin with “apps.facebook” are third-party applications. Facebook would likely use a URL that begins with “facebook.com.” Users should be careful entering their information into fields within page tabs, apps.facebook.com canvas pages, and off-Facebook.com websites.
This scam was first reported by Facecrooks, which points out scams like these and offers recommendations for how users can protect their information.
Images via Facecrooks
Facebook notifies class action suit members about settlement – Facebook began sending proposed settlement notices to users it believes are members of a class action lawsuit that entitles them to up to $10 in compensation. The suit, which claimed Facebook unlawfully used members’ names and photos in Sponsored Story advertisements, resulted in a $20-million settlement, which was granted preliminary approval last month. Now Facebook is emailing class members to let them know they can file a claim and receive up to $10 depending on how many claims are made and other factors. A fairness hearing over the matter will be held on June 28. Users can find more information on the Fraley Facebook Settlement website.
Privacy flaw disrupts New Year’s Midnight Delivery service – Before New Year’s Eve, Facebook created an application for users to write messages that would be delivered at midnight on the holiday. A business IT student found a security flaw that allowed anyone to see other users’ messages by manipulating the ID number of the confirmation page URL. It was even possible to delete other users’ messages until Facebook took down the page and fixed the loophole. However, the service still suffered from some issues. We found that messages that were supposed to be sent at the stroke of midnight were not actually delivered until hours later.
Chinese RTB platform accesses FBX – Chinese real-time bidding platform iPinYou can now access Facebook Exchange inventory, according to China Daily. iPinYou says there are a large number of Chinese advertisers that want to reach an international audience through Facebook, such as exporters and travel companies. Facebook is blocked in China by the government, though an estimated 63.5 million Chinese users are getting around the ban by using proxy servers.
Facebook works with FBI to take down cyber-criminals – Facebook helped the Federal Bureau of Investigation bring down a cyber-criminal ring responsible for infecting more than 11 million computers with “Yahos” malware and causing more than $850 million in losses. The social network helped identify the criminals and affected accounts, leading the FBI and international law enforcement agencies to arrest 10 people involved with the crimes between 2010 and 2012.
Android SDK out of beta – Facebook this week brought the Facebook SDK 3.0 for Android out of beta. The SDK helps developers build social Android apps by providing native UI controls, simplifying session management and improving API support. Facebook says the beta SDK was downloaded more than 80,000 times in six weeks.
Nimble launches CRM app for HootSuite
Nimble this week announced a strategic partnership with HootSuite to help users manage their business network and track social conversations. Nimble combines users’ business contacts, emails, social communications and calendar activities into a single social contact manager. The Nimble app for HootSuite allows users to view their Nimble contacts in HootSuite, add new contacts and more. They can view contact information and a complete conversation history, along with follow-up tasks and other notes.
Instagram to take steps against spam – Instagram let users know late last week that the company is working to reduce spam on the service. “There’s no quick fix, but we have a team of engineers working every day to tackle the issue and we hope you’ll notice their improvements,” the company wrote in a post on Instagram. The company also encouraged users to continue to report the spam they see in comments on photos.
RTB companies await FBX certification – Real-time bidding providers [x+1], Optimal and Kenshoo are still waiting for official approval to be considered partners in the Facebook Exchange, AdExchanger reports. The companies have been providing FBX services either through an integration with AppNexus or another company, or have been allowed early access as they await evaluation from Facebook. After final approval, they’ll be added to the new PMD Center, which includes a section for FBX partners.