App Protects Facebook Users from Malicious Links

Sick of spreading dangerous links via Facebook? ShareSafe will check links for you before you post.

"Security" isn't usually linked with "fun," but a Finnish security is taking a stab at connecting the two with its new application. F-Secure's ShareSafe app runs inside Facebook and flags links to dangerous websites before you post them to your friends' walls (or your own).

"Security applications and Facebook tend to mix together like oil and water," Sean Sullivan writes in an F-Secure blog post. "Folks generally want to share when they're online--and not to worry about security."

For this reason, ShareSafe's development team has designed the app to be entertaining, with security benefits "tagging along for the ride," Sullivan adds.

Indeed, the security feature of the app does take up very little of the offering's screen real estate. It's just a form field that occupies the top of the app's home screen. You can paste a link in the form and ShareSafe will tell you if there is any unsafe content at the other end of the web address.

This can be especially useful if you're dealing with shortened URLs, since their destinations usually can't be guessed just by looking at the characters in the address.

The rest of ShareSafe's interface page is made up of a dashboard and a feed of top links.

From the dashboard, you can keep tabs on badges and rewards you've earned (you get a "Rookie Cookie" badge just for activating the app), as well as notifications. The app awards reward points for sharing safe links, for clicks and "likes" generated by those links, and, of course, for the number of friends you get to join the ShareSafe community. Points are also awarded for other behaviors, but the exact details are secret to "keep things interesting," F-Secure explains.

Points can then be redeemed for products. Right now, prizes are limited to security software made by F-Secure, but perhaps we'll see a wider selection in the future.

From the links feed, you can see top links for all of Facebook. You can also choose a category and see the top links for that category--such as pictures, news, or health. A "top link" is determined by the number of Facebook "likes" it has received.

Why Share Safely?

Why would you want to view your news feed and wall items through ShareSafe? Because before ShareSafe displays any items with links, it checks the links for malicious content. This way, you can make sure neither you nor any of your friends are circulating URLs to poisoned sites.

According to security experts, poisoned links on social networks are a big problem. In an experiment by Dasient Security, researchers set up accounts on 11 social networks and found that not one of those networks stopped them from posting malware links. In addition, nine of the 11 links failed to block links listed in a Google compilation of poisoned websites.

"The social networks we tested have some work to do on their malware countermeasures," says Neil Daswani, Dasient CTO.

According to Carole Theriault, a senior consultant at security firm Sophos, "Facebook is a very enticing playground for bad guys. It is no surprise that surveys have shown an increase in malware activity on the site."

Follow freelance technology writer John P. Mello Jr. and Today@PCWorld on Twitter.

Join the CSO newsletter!

Error: Please check your email address.

Tags online securitysecurityf-securesocial networksFacebook

More about FacebookF-SecureGoogleSickSophos

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John P. Mello Jr.

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place