Spamming via social networks has doubled over the past year, according to the security vendor Sophos. However, this comes from a study that doesn’t break out Facebook specific statistics.
Of course, pointing out threats is standard marketing practice for most security vendors, and the increased spam may well be wending its way through sites other than Facebook. That jibes with the company’s official response to this report, which a spokesperson emailed to us:
As a result of our efforts, the data we have on interactions of more than 500 million people using Facebook shows that spam, malware and other attacks have decreased in their effectiveness — the opposite conclusion reached by a security vendor. And, it’s much more important to measure effectiveness than it is to measure volume. If your spam filter catches all the spam, does it matter that your filter caught 10 percent more?
Of course, Facebook’s user base doubled over the past year. However, Sophos claims the percentage of users who received spam on social networks doubled in a year, from 33.4 percent to 67 percent, according to Sophos. The security vendor got these numbers from surveying 1,200 computer users in December.
The same goes for Sophos’ tally of phishing, which refers to those messages that try to get you to cough up personal information: The percentage of users who got phished doubled to 43 percent in the latest survey, compared to 21 percent a year prior. This data point seems rather crucial given that Facebook is still rolling out a new communications platform, so we’ve asked for a comment on what the site’s strategy is in combating phishers — in addition to the other threats discussed in the Sophos report. Of course, we’ll share the company’s response with you.
Meanwhile, the Sophos study also found 40 percent received malware, and that’s a 90 percent increase since April 2009 (By the way, the latest survey was conducted in May, 2010; my 18 years in journalism makes me crave something more recent, although I understand how a study of 1,200 users would take a lot of human-hours to compile.). Now this security category includes a lot of stuff, including some things that don’t do much real damage beyond invading people’s privacy.
How possible is it that the increased threats Sophos has reported are on social networks other than Facebook? To what extent do these issues influence the number of users that different sites have?