Facebook: 'Security bug' caused lock-outs

A "security bug" caused Facebook to lock the accounts of hundreds of Filipinos, the social media giant said Monday.

A Facebook spokesperson, in an emailed statement to news.abs-cbn.com, said the company has built "numerous defenses to combat phishing and malware, including complex automated systems that work behind the scenes to detect and flag Facebook accounts that are likely to be compromised."

The same automated systems prompted Facebook "to ask a set of people to secure their accounts."

"This was due to a bug in the system and the precautionary step was not needed in this case, so we have removed the messages and the impacted people should now be able to access their accounts normally," the spokesperson said. "We apologise for any inconvenience we caused."

Over the past week, reports of Filipino Facebook users getting locked out of their accounts surfaced, alarming some that it may be the work of a secret group of hackers.

Leonard Postrado, a 29-year-old BPO content writer, said he was chatting with friends on Facebook earlier this week when he was suddenly kicked out of the social networking site.

"When I entered the password, ayaw pumasok sa account ko. I did it four times until Facebook notified me na may phishing attack sa FB ko at pinapabago ako ng password. I don't know what that means kasi di ako techie until ginoogle ko and nakalagay nga collecting data," he said.

(When I entered the password, I still couldn't get to my account. I did it four times until Facebook notified me that there was a phishing attack on my account and said I should change my password. I didn't know what that meant because I'm not techie so I googled it and found out it meant collecting data.)

A similar incident happened to 36-year-old government employee Kim Quilinguing, who said he was writing a status update when he was logged out of his account due to "suspicious activity."

"My feeling is that someone tried to access my account by claiming to have forgotten my password. And then instead of being provided a new password to a false email account, Facebook alerted me by logging me off and making me review my activities," he told ABS-CBN.

It prompted netizens to think that a self-confessed pro-Duterte group had something to do with it.

The group posted on Facebook a call for the surveillance of people who are supposedly trying to influence young people into believing anti-Marcos rhetoric.

Since then, students from the Ateneo de Manila University, which was one of the first schools to protest the Marcos burial, have had their accounts "compromised."

User Jan-Daniel Belmonte, whose account was also compromised, has found more than 200 other victims, most of whom are students from Ateneo and the University of the Philippines.

 The verified personal Facebook account of veteran journalist Inday Espina-Varona was also disabled by Facebook on Monday, without any explanation, for several hours.

 Her account was restored, as of 11:30 p.m. Monday night.

 Elizabeth Hernandez, Facebook's head of public policy in the Asia Pacific, told Espina-Varona in an email that her verified account "was incorrectly enrolled in a fake name checkpoint."

"Your account has been cleared from this checkpoint," Hernandez said.

Following reports of Filipino Facebook users getting locked out of their accounts, the social networking site also gave some tips on how to secure them.

source: news.abs-cbn.com

Facebook Messenger to offer strong encryption

WASHINGTON, United States - Facebook announced Friday it would roll out optional "end to end encryption" for its Messenger application, following a trend aimed at stronger security and protection against snooping.

The US technology giant said this feature would be known as "secret conversations" which can be read only by the sender and recipient.

"Providing more ways for people to safely share is an important part of making the world more open and connected," the social network's vice president David Marcus said on his Facebook page.

"Whether you're asking a doctor for medical advice, sending sensitive account information to your spouse, or even your Social Security number, it's important to have options available for sharing these kinds of very sensitive messages."

Facebook earlier this year began implementing this end-to-end encryption on its WhatsApp messaging service, and Google, Apple and others have been making similar moves.

Some law enforcement officials and lawmakers have criticized these moves, saying the strong encryption can allow criminals and other bad actors to operate in secret where traditional wiretaps don't work.

A Facebook statement said the new feature will be optional "because many people want Messenger to work when you switch between devices, such as a tablet, desktop computer or phone" and that the encrypted messages may only be read on one device.

"Secret conversations are available on a limited test basis right now, but we will be making the option more widely available this summer," the statement said.

The US government this year locked horns in a legal battle with Apple, seeking to compel the iPhone maker to help decrypt a device used by one of the attackers in the San Bernardino shooting rampage.

Authorities eventually dropped the case after finding a way to break into the iPhone without Apple's help.

Facebook said in April that Messenger has over 900 million users, close to the billion for WhatsApp.

source: www.abs-cbnnews.com

Facebook reveals new security tool

WASHINGTON, United States - Facebook announced Tuesday it has been using a new security tool to help detect and remove malicious software for users of the world's biggest social network.

Facebook said it was working with Kaspersky Lab, bolstering a program implemented with other online security firms including ESET, F-Secure and Trend Micro.

"Thanks to the collaboration with these companies, in the past three months we have helped clean up more than two million people's computers that we detected were infected with malware when they connected to Facebook," said Trevor Pottinger, a Facebook security engineer.

"In these cases, we present a cleanup tool that runs in the background while you continue using Facebook, and you get a notification when the scan is done to show you what it found."

Pottinger said the program uses "a combination of signals to help find infections and get the malware off of your computer for good, even if the malware isn't actively spreading spam or harmful links."

Kaspersky Lab's Kate Kochetkova said in a separate blog post that Facebook users are often targeted in online fraud schemes such as "phishing," which are faked emails designed to get recipients to download malware.

"Facebook is a major aim for phishers: one in five phishing scams targets Facebook notifications," she said.

"So be vigilant when you receive emails appearing to be from Facebook: as they can be fake. There are lots of Trojans targeting Facebook users as well."

Fraudsters may also use Facebook, Kochetkova said, to "'like' weird things and promote questionable goods and services on your behalf."

source: www.abs-cbnnews.com