Malware, spam in 10 per cent of Facebook links

It’s doubtful that Lady Gaga’s poker face would break into a blush if she found out that her Facebook page, which has close to 19 million fans, recently hosted 1,717 instances of online profanity. But there’s no way Justin Timberlake will bring sexy back by allowing 3.7 million online fans to get infected by malicious links on his and 250,000 other Facebook walls.

Facebook users are just one click away from malware and spam each time they visit the site, and if that is bad news for celebrities, it could prove more than a headache for many businesses on the popular social networking site, according to Internet and data security firm Websense Inc.

About 40 per cent of Facebook posts contain links, and more than 10 per cent of those links lead users to either malware or spam sites, according to a study released by Websense on Tuesday.

Even though individual pages are being targeted, according to Websense, more risk comes from high-volume corporate, business and celebrity pages.

Many top Facebook pages are inadvertently exposing their fan base to malicious content. Defensio 2.0 uncovered a startling volume of profanity, spam, and malicious links – over the past seven days:

“As demand increases we are seeing Web 2.0 sites used by businesses such as Facebook being used by spammers and malware developers,” said Carl Mercier, Websense director of development and social Web security and founder of Defensio.

Even as Websense released the results of its Facebook spam and malware research on Tuesday, another security company warned of a new spam scam that tries to tempt users into visiting a website with the promise of a free Apple iPhone.

According to security company Sophos, the following message appears on a user’s message wall: “Anyone want my old phone? Claimed my free iPhone today, so happy lol… If anyone else wants one go here [link].”

Clicking on the link brings up an ‘allow’ message which, if clicked, allows the rogue application to access that user’s information profile before redirecting them to a commission-earning website. Luckily, there is no malware on the end of the weblink. It is merely an old-fashioned attempt to generate traffic for which the, said Sophos.

The spam attack comes only days after a similar, if more serious, incursion saw some Facebook users hit with spam also pushing iPhones and iPads. That attack allowed pictures to be posted to users’ walls without their approval.

Bad news for business

Malware and spam infecting Facebook pages may be a nuisance to individual users, but they pose a potential marketing fiasco and legal risk for businesses with a presence on the social networking site, according to Sylvain Carle, chief technology officer for Praized Media Inc., a Montreal-based search and social networking company.

It would be a huge public relations black eye for a company if spam, malware or online profanity were broadcast or spread through links on its product’s Facebook page, said Carle. “Imagine angry parents by the thousands complaining about inappropriate posts on a Facebook product for children’s wear,” he said.

According to Websense, Red Bull’s Facebook page, which lists more than eight million fans, hosted 195 instances of profanity, 15 malicious links and 37 spam links.

This is precisely what Praized Media works hard to spare its clients from. The Montreal-based outfit creates white-label search and social networking platforms for businesses and organizations.

Their tools are being used in sites such as, which provides news product and service reviews, tweets and real-time news about everything in the city of Calgary;, a Canada-wide gasoline price tracking site;, an online Yellowpages resource site.

Filtering out spam and profanity

“Our platform offers a mix of search engine and social networking capability. We allow users to search for businesses and information and enable them to post reviews and share preferences with their friends online,” said Carle.

On many occasions, user-generated reviews and comments are used as carriers of spam, malware or profanity, Carle said. Filtering, moderating and cleaning these posts used to take up much of Praized Media’s time.

“When the company started in 2007, we had no idea of the burden it would put on our small team,” he said. “We were all developers so we figured we could easily spot inappropriate language as well as the links that led to spam or malware.”

The team ended up spending as much as one to two hours per suspect message flagging, inspecting and deleting posts, said Carle. “The toll on productivity was just too much. We realized we needed to automate the process if we wanted to scale the business.”

The company significantly reduced its workload when it installed Defensio in 2008. The tool flags suspect posts so that moderators and administrators can inspect them and delete them if they contain any unwanted content, Carle said.

Praized Media tried several security products but chose Websense’s Defensio “because we found it was very flexible and designed for social networks,” said Carle.

For instance, he said, the tool worked well with many programming languages, including Ruby on Rails, which is used by many firms that develop social sites.

Defensio 2.0 is powered by the Websense Advanced Classification Engine and ThreatSeeker Network, according to Mercier of Websense. The tool gathers threat data from social networks and immediately integrates the data into the real-time threat database of the Websense Web Security Gateway. This way, all Websense customers are able to benefit from up-to-date security data from the company’s 50 million real-time data collecting systems.

Defensio 2.0 has a personal version, which is available for free download. However, a new service version for businesses was recently released. This version now includes automatic removal of unwanted content such as malware, spam and profanity.

This reduces the costly manual burden on marketing and security teams, who previously had to remove each piece of comment spam by hand and investigate every URL in a comment or post for security threats, according to Chris Christiansen, program vice president for the security products and services group of technology analyst firm IDC.

Intelligence captured by Defensio adds to the advanced content analysis that powers the rest of Websense’s email, Web and data security products, he said. “By adding this information into its advanced classification engine, Websense goes beyond virus signature, URL reputation or categorization to address uncategorized Web content.”

“This real-time analysis of social networks can alert customers to new Web threats as they occur,” he said.

(With notes from John E Dunn of

Nestor Arellano is a senior writer for Follow Nestor on Twitter, read his blogs on ITBusiness.caBlogs. Check out’s Facebook page
