[German]Just a brief view of Facebook’s approach of securing users with malware protection. The ‘Malware protection’ attempt of the social network causes some Facebook users a lot of trouble and prevents them from logging in.
Some background information
Facebook tries to protect its users from malware infections, affecting the social network. The company uses its own approach to detect infected user systems. If Facebook’s internal check algorithms conclude that something isn’t proper with the user’s device, which he uses to access the social network, a malware alert is triggered
The user receives a notification (see screenshot above) that his or her client may be infected. The person’s Facebook account will then be set to read-only. This means that this person cannot post anything on his/her Facebook account anymore.
But the user is offered (from Facebook) to download a ESET-Online-Scanner (see screenshot above). The online scanner can be run after downloading. After a successful scan, the Facebook account will be completely reactivated. I had covered this topic in more detail within my German blog post Facebook Security mit eigenem Virenscanner.
Allegation: Not transparent nor helpful
Wired just has publihed the article Facebook’s mandatory malware scan is an intrusive mess, addressing this topic. The user cannot escape the malware scan if Facebook believes that the client is infected. The criteria according to which this decision will be made by Facebook remain in the dark. It is particularly foolish if the user isn’t able to run the ESET online scanner, so he/she remains locked out from active Facebook use.
The wired article outlined a case where a science fiction writer from the USA suddenly received a Facebook notification. Authors often use Facebook to communicate with readers. Facebook thought that this user’s client might be infected with malware. So the user was forced to download and run the ESET online scanner.
The foolish thing about this story: The ESET online scanner is for Windows, but the user in question was using a Mac and macOS. So the ESET online scanner was useless and so the user remained blocked by Facebook for days with regard to account activity.
And it got even better: The user writes that Facebook apparently (and that’s finally a good thing, because it means, they don’t have the possibility to check your client’s internals) has no way of recognizing that a client is infected with malware. Because Facebook’s warning message was displayed on all devices used by the user to log in.
So @facebook is in the scamming business now? Since when do you keep me log out and try to force me to use YOUR scanner when I know my computer is malware free? oh and other people can log in on MY computer! So how infected can it be??
— Pris (@PrisInNZ) 20. Dezember 2017
It seems that this isn’t a single incident, because forums (Norton), Twitter, Reddit and personal blogs are full of posts from frustrated Facebook users reporting such experiences. In brief: Facebook’s malware detection is probably related to activities in the Facebook account itself. But Facebook does not have the ability to detect the client’s infection, nor is Facebook able to provide appropriate malware scanners for these clients – unless you use Windows. How cool is that? Has anyone of you had such an experience with Facebook?