Facebook Warns of Recent Wave of Spam

November 16, 2011 - 11:30 AM
Facebook Photo Privacy

In this screen shot provided by Facebook, a photo pre-approval feature is shown. Facebook will now let you pre-approve photos before your friends can post them with your name attached. (AP Photo/Facebook)

New York (AP) — Facebook said Wednesday that it has stopped most of the spam that has flooded many users' pages with pictures showing graphic sex and violence.

The social-networking company urged its 800 million-plus users to remain vigilant to keep their accounts from being hijacked.

Social-networking sites are popular targets for spammers because people are more likely to trust and share content that comes from their "friends." This makes spam, scams and viruses easier to spread.

Although the way the latest spam messages spread isn't new, their content — jarring violence and graphic pornography rather than links to get a free iPod shuffle — might have upset users more than usual. In recent days, they have complained on Twitter and their own Facebook pages.

Facebook said no user data or accounts were compromised during the attack.

The latest attack tricked users into pasting and malicious links into the address bars in their Web browsers. This exploited a browser vulnerability that caused them to unknowingly share the graphic content with their Facebook friends.

The content spreads further when the friends then click on these links, thinking that it was posted by the user on purpose.

The company said users should never cut and paste unknown code into a browser's address bar. They should always use an up-to-date browser and report any suspicious content on the site.

Facebook did not immediately say which browsers were affected

Facebook said it built enforcement mechanisms to quickly shut down the malicious pages and accounts that attempt to exploit the vulnerability.

"Our team responded quickly and we have eliminated most of the spam caused by this attack," Facebook said in a statement. "We are now working to improve our systems to better defend against similar attacks in the future."

Facebook already scans links against security databases and blocks those known to lead to spam. But the company says spammers can get around those protections by tricking users into pasting harmful links directly into Web browsers.

The company says fewer than 5 percent of its users experience spam on a given day, and less than 4 percent of content shared on Facebook is spam.

___

AP Writer David Rising in Berlin contributed to this story.