Facebook’s mandatory scan and lack of transparency are cause for concern

 

Years ago, when I first encountered Facebook’s mandatory malware scan, I thought it was a scam. I was contacted by a friend who told me that her computer had a pop-up from Facebook stating that she was required to download and run some anti-malware software in order to log into her Facebook account. In fact, I advised her not to do it until I looked into the issue further, as I regularly maintain her computer and I knew that it had no issues with malware.

 

Upon further investigation, I was stunned to find that Facebook had indeed blocked access to her account and was demanding that unnecessary anti-malware software be downloaded from a sketchy-looking ‘Download Scanner’ pop-up in order for her to be let back in. With all of the scam pop-ups that show up on the internet these days, I believe I’m pretty justified in my incredulity.

 

After unsuccessfully contacting Facebook, I did a quick search and found brand new webpages going up everywhere with dozens of people complaining about Facebook’s anti-malware scan. I found complaints on forums, Twitter, Reddit, personal blogs, and of course on Facebook. Several people were wondering if it was a scam, and dozens of others were wondering why they had received the notice in the first place.

 

Multiple people have tried to circumvent the scan in order to log into their accounts, with limited success. Some have found that by switching browsers the pop-up went away, at least temporarily. The next popular option seemed to be logging in from a different device. In some cases the pop-up appeared for them even on the alternate device they tried.

 

It also seems that some people were required to download PC software even though they were using a Mac. It should also be noted that, according to some reports, other users could log into their own Facebook accounts on the same device that received the original malware warning pop-up without receiving the pop-up themselves. All of this leads me to believe that the malware pop-up is connected to the Facebook accounts themselves and not to an actually infected device.

 

Of course, with that, I have major concerns about system security, and Facebook is doing some very shady things with this scan that bother me considerably. The first question I’d like answered is: what is Facebook doing with the information they collect from their security scan? Facebook is making users agree to run the scan and telling them that the data they collect in the process will be used to improve security on and off Facebook. What exactly does that mean?

 

Also, when you access Facebook through a browser, the site has no way of identifying whether your computer actually has a virus of any sort. That being said, if you use Facebook applications, you may have granted permissions when downloading one of their apps that allow that app to view and change content and code running on your device.

 

So, how can you protect yourself from having to run this sketchy Facebook malware scan? I have no idea. I really couldn’t find anywhere that specified what would trigger it. Facebook seems to choose accounts at random.

 

I do, however, have some suggestions on things you should consider doing now, before you potentially encounter the Facebook malware scan. My first suggestion is to remove any Facebook apps you have on your account right now, and not to add any Facebook apps that state that by using the app you’re allowing it to access your files and/or make changes to your computer. My next suggestion is a bit outside the norm: ideally, only use social media on a computer that doesn’t have any personal information stored on the hard drive. That can be achieved by having separate computers or an external hard drive that keeps your personal data on it.

 

You should also change your privacy settings on Facebook. Read our article regarding Facebook targeted ads to see just a sampling of the information they’ve already gathered about you: https://rhynonetworks.com/facebook-knows-more-about-you-than-you-might-think-and-theyre-telling-anyone-willing-to-pay/

 

As always, if you have any questions or concerns, give us a call here at RHYNO Networks at (855) 749-6648 and we’ll be happy to help.

 

Suggested reading:

https://rhynonetworks.com/antivirus-101-why-we-use-eset-and-think-that-you-should-too/