To boost security, Facebook adds remote logout

The new feature gives users a way to kick spammers out of their accounts

Facebook users will soon have a new way of knocking spammers out of legitimate accounts.

The social-networking company is rolling out a new security feature that lets users see which computers and devices are logged into their Facebook accounts, and then removing the ones that they don't want to have access.

The move addresses a growing problem on Facebook. Spammers use fake phishing sites to trick Facebook users into entering their usernames and passwords, and then they use those credentials to send spam messages to as many Facebook friends as possible.

This type of spam is often very effective because it looks like it's coming from a trusted source (a Facebook friend), and security experts say that many spammers have now developed automated programs that log into stolen Facebook accounts and send spam. Just last week, scammers used hacked Facebook accounts to spam Facebook users with bogus Free iPad offers.

In addition to knocking out spammers, this new feature also gives users a way of logging out of machines that they've recently used -- a library computer or a friend's mobile phone.

Not everyone will be able to use this new feature immediately, as it's being rolled out "gradually," Facebook said in an e-mail message. Users who have been granted the login control feature can see it by going to Account Settings and then looking for it in the Account Security Section.

There, they can see the different computers currently logged into Facebook, which browser and operating system they use and -- based on Internet Protocol information -- a guess at where they are located. With the click of a button, the user can "end activity" on any of these sessions.

Someone whose account has been hacked could use this information to confirm that her account had been compromised and then reset her password.

"It provides you with a visual indication of which devices currently have sessions open with your user profile," said Andrew Walls, research director with the Gartner analysis firm.

The feature is a follow-up to a login notification feature that Facebook introduced last May, which alerts users when different devices log into their accounts, he said.

Robert McMillan covers computer security and general technology breaking news for The IDG News Service. Follow Robert on Twitter at @bobmcmillan. Robert's e-mail address is robert_mcmillan@idg.com

Tags Internet-based applications and servicessecuritysocial networkinginternetFacebook

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Robert McMillan

IDG News Service

6 Comments

R

1

...and wants to stop the SPAM bot form simply locking out the legit user using this method?

Rob

2

"...and wants to stop the SPAM bot form simply locking out the legit user using this method?"

The same thing stopping them from just changing the user's password. They don't want the user finding out about it and resetting the password.

none

3

@Rob Ummm...if they lock the real user out of the account, they can just continue to send spam forever....

Once someone has control of your account, they will (obviously) be able to use this feature to keep you locked out if they want to.

How about increasing the security to PREVENT people from getting access to your account in the beginning????

Iain

4

@none Unfortunately there's no software fix for stupid.

l a

5

So true, stupid users see stupid outcomes.
If I could say that this could be useful if they know someone might get locked out of there own account by a hacker, and then have a phone number where you can call to ask for a password and ip lock reset at the same time using a special pin number given to you when you first create your account for phone support of this nature...you could bypass the first posts problem....although this would cost some money to maintain...for a site that is free....although I am sure that they make money...

Don Viszneki

6

Read between the lines people!

Facebook is now specifically attempting to identify and record the fingerprints of the computing devices you use.

Now if I get access to your Facebook account, I can see what devices you're using, too.

What kind of inferences can be made with that kind of data at your disposal?

Facebook has *no* respect for privacy, and this feature is completely incompetent because there is very little stopping spammers from mocking up new device identities to show Facebook on their way into your account.

There is one saving grace: I've always been able to alert my email provider with a click of a button which sources of email are sending me spam. Now Facebook users can click a few buttons to identify which IP addresses are sending spam. That will help cut down spam, but there are better solutions that don't present so much deterioration of user privacy.

Comments are now closed.

Latest News Articles

Most Popular Articles

Follow Us

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Resources

Best Deals on GoodGearGuide

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?