Security Implications of New Facebook email service – Sophos FAQ guide

MUMBAI / BANGALORE, India – November 18, 2010 – IT security and control firm Sophos has today reported that, Facebook has announced its new email service which brings together Facebook messages, instant messaging chat and SMS messages in one place.


Following this news, Sophos has produced an FAQ guide to help users understand the implications for security before they sign up —


Before signing up, users need to realise that these new features increase the attack surface on the Facebook platform, and make personal accounts all the more alluring for cybercriminals to break into,” said Graham Cluley, Senior Technology Consultant at Sophos.  “Facebook accounts will now be linked with many more people in the users’ social circles – opening up new opportunities for identity fraudsters to launch attacks.


Sophos notes that cybercriminals are compromising the accounts of Facebook users, and using their accounts to spread spam messages.  Spam sent via social networks can be more effective than traditional email spam, as users are more likely to open and trust a message which appears to have been sent by someone they know – one of their Facebook friends.


Users also need to be aware that Facebook will be storing a complete archive of all of their communications with one person – this raises concerns as to how this data could be misused if it fell into the wrong hands,” continued Cluley.  “With this in mind, it will be critical for Facebook to implement more effective filtering mechanisms to prevent fraudsters from manipulating Facebook users into falling victim to new spams, scams and phishing attacks.


Users will need to take greater care of the security of their Facebook account than ever before.


Keeping security up-to-date on computers, policing which applications link with their Facebook profile, and choosing sensible, unique, hard-to-crack passwords will be essential.


More information can be found on Sophos’s Naked Security blog at  —


# # #


About Sophos

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use, and that deliver the industry’s lowest TCO. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs—a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards. Sophos is headquartered in Oxford, UK and Boston, US. More information is available at



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s