Safety issues are no longer ignored by Facebook as this social network giant has launched a page called Facebook Safety.

At the time of my writing, Facebook Safety has grown to more than 11,000 fans and another great news is that the articles posted on the Facebook Safety’s Wall are with full focus or direction and the original videos or articles that it linked to are good contents.

In fact, the creation of Facebook Safety page is with purpose. According to Joe Sullivan, Facebook’s Chief Security Officer, “The Safety Page will highlight new initiatives to keep people on Facebook safe, valuable educational materials from Internet safety experts including the members of our Safety Advisory Board, and relevant news coverage.” Wrote in Facebook’s official blog.

In contrast to Facebook Security page, which has 2.2 million of fans; Facebook users should not think of Facebook Safety as a supplementary resource page to Facebook Security, instead the dynamic content posted on Facebook Safety are to complement the resources in the expanded Safety Center that Facebook introduced in April this year.

Moreover, Facebook users should value the availability of Facebook Safety that gives them other options – like links to the outside blog posts, videos, safety research reports, safety know-how via videos, and a resource page pertaining to all the well-known safety experts.

According to Cisco 2010 Midyear Security Report, they found that employees accessing Facebook games at work would cause devastating consequences as companies are at risk due to the online criminals are believed to be developed ways to deliver malware via these games.

As a result of the study, Cisco found that 7 percent of Facebook users of its customers spend an average of 68 minutes per day playing the popular interactive game FarmVille from Zynga. Mafia Wars was the second most popular game; with 5 percent of employees racking up to 52 minutes of play daily. Café World, another popular game, played by 4 percent of Facebook users, accounted for 36 minutes of wasted time at work per day, see the below picture.

The study also uncovered a number of interesting suggestions, which led to the create of explicit policies governing the use of games at work. However, the study did not suggested the ban of accessing Facebook games at work since this may damage workers’ ability to collaborate and communicate in a changing business environment. Moreover, playing Facebook games at work means that the loss of productivity, but it is not a security threat.

Nevertheless, the trends of playing Facebook games at work point to a need for better protection against the security risks. This is due to another data which shows that 50 percent of end users admitted that they ignore company policy prohibiting use of social media tools at least once a week, and 27 percent said they change the settings on corporate devices to access prohibited applications.

To read more about the Cisco study, click here for the PDF copy.

In an effort to make it easy for the users to control what kind of data to be shared in order for the applications to work, Facebook has made an important change by launching the simplified data-sharing permission. Beginning from July this year, users will get a single dialog box explaining all of the data a third-party application is requesting before they install it.

“These improvements reflect two core Facebook beliefs: first, your data belongs to you; second, it should be easy to control what you share,” said Facebook CTO Bret Taylor in a blog posting. “If at any point you ask a developer to remove the data you’ve granted them access to, we require that that they delete this information.”

With this change, it represented an important step for Facebook to appease some of the critics of its privacy practices it encountered most recently. In terms of user experience, a single dialog box has no doubt made the users’ life more easier and less confusing when they installing an application. However, on the other hand, this might cause certain group of users making a thoughtlessly mistake when the “Allow” button is highlighted by default.

Could this little and simplified data-sharing control lead to a more privacy risks? Well, only time can tell.

And also, this is my next question – is Facebook going to update its term of use, specifically the clause “When you use an application, your content and information is shared with the application?“

In an open letter [PDF] addressed to Facebook CEO Mark Zuckerberg, 10 privacy groups such as ACLU of Northern California, Center for Democracy and Technology, Center for Digital Democracy, just to name a few, have expressed their Facebook privacy worries connected to some of the user controls found on the users’ profiles.

In fact, the issues highlighted in the letter are not the first time that being caused numerous privacy complaints, but fortunately this is the first time a total amount of 10 reputable privacy groups have put their voices in such an open letter.

Inevitably, the issues written down on the letter is quite accurate description of the privacy worries with Facebook at this moment. As discussed in the letter, the following issues should be fixed in order to make Facebook realize that the user privacy preservation is as much important as the overall market capitalization of Facebook.

Some excerpts of the letter:

1) Fix the “app gap” by empowering users to decide exactly which applications can access their personal information.

6) Provide users with simple tools for exporting their uploaded content and the details of their social network so that users who are no longer comfortable with Facebook’s policies and want to leave for another social network service do not have to choose between safeguarding their privacy and staying connected to their friends.

Fortunately, we know that Facebook has taken some action for its user commitment by launching a simplified version of privacy settings. However, simplified version of privacy control doesn’t mean that Facebook is creating a privacy-protective default settings for all of its users. And thus, most users will continue to believe that privacy control settings is still not the primary concern of Facebook, at least for this particular moment.

There has been a great deal of discussion across the Web pertaining to the Facebook security issues. Yet, this week Facebook has taken another measurement whereby app developers are required to verify their accounts before they can create new app.

According to the developer’s forum thread, the account verification is done either through mobile phone confirmation or adding a credit card to the developer account. Also, the reason behind this security step is to preserve the “integrity of the Facebook platform.”

Now, a question is being asked, “Do you think that the cyber criminals are likely to be deterred simply by having to provide a valid cell phone number or credit card?”

Well. This reminds me a lot of the security solution launched in July 2009 whereby Facebook asked the victims of compromised accounts to regaining access to the accounts simply by walking through a 5-step quick verification process. Furthermore, this verification process also applied to the Facebook new users if they want to obtain their personal usernames.

In fact, there is still an issue for some users whose country is not U.S. and they are having problems in receiving the sms confirmation code. On a side note, typing “facebook mobile confirmation code” on Google search engine, its search assistant will help you to complete the following sentence, i.e. not receiving facebook mobile confirmation code.

Ironically, a genuine Facebook user is afraid to verify his / her own account whereas cyber criminals are not since they are the one who send out the fake account verification emails. Perhaps it’s more accurate to say that as the genuine group of users, we hate waiting for the confirmation code or being hooked by “phishing” scam. We came across the following messages before:

“We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity.”

“During our regular verification of accounts, we couldn’t verify your information. Please click here to update and verify your information.”

And thus, we shouldn’t be asked to “update,” “validate,” “verify,” or “confirm” account information anymore.

Today is finally the D-day. So, will you quit Facebook today?

For those who don’t know what D-day is all about, today is the “Quit Facebook Day” advocated by a couple of users who have been fed up with Facebook’s privacy issues. They also built a simple site namely Quit Facebook Day and any user who felt that they did not gain the respect from Facebook can “committing a quit action” on this May 31, i.e. today.

Alas, there are over 26,875 Facebook quitters at the time of my writing. However, the amount of quitters is that small and probably is too hard to cause any serious problem for Facebook’s over 450 million of user database.

In an effort to help Facebook users finding out whether or not there is a need for us to review our privacy settings, an app called “Privacy Check” has been developed by rabidgremlin.com.

To use it is very simple, just log on with your Facebook credentials, you’ll get your privacy score.

Apparently, there are three colors appeared on your score sheet. Red color is indicated that you are exposing lots of your private information, yellow is a symbol that your profile information is being locked down whereas green color shows the particular information is hidden from Web sites and the public.

Ironically, the site warns that a Facebook user can’t score a perfect 21 out of 21 points. Additionally, the best score one likely to achieve is 15/21. On a side note, the more friends you have, or you expose lot of your profile information, such as submitted the like clicks, you’ll get a low score.

So, what’s your privacy score?

Picture 1:

Picture 2:

Note to Facebook users: You’ll most likely receive more phishing emails on Facebook than you’re on Google, IRS (Internal Revenue Service) and RapidShare, according to a scam report released by Kaspersky Lab this month. Perhaps it’s no big surprise as Facebook has more than 400 million users and became one of the most popular targets for phishing scams.

On the report, it compiled that Facebook is accounted for 5.7 percent of the phishing pie chart, and thus ranks fourth in the top 10 most popular phishing targets in the first quarter of 2010 across the Web. Meanwhile, the report said that the first most targeted is PayPal, followed by eBay and HSBC is ranked as number three.

On the other hand, with 5.7 percent of the total volume of phishing attacks that Facebook confronted, it is more targeted than Google, which ranked 5th with 3.1 percent, followed by the IRS with 2.2 percent, and RapidShare, the popular hosting site, with 1.8 percent respectively; see the pie chart below.

Source: available at http://www.kaspersky.com/images/vlill/q1_spam2010_pic09_en.png, accessed May 20, 2010

Thinking of your account safety but you do not know how to configure Facebook privacy settings properly? Watch the embedded video in the below and see if it’s right for you.

In fact, the video was produced by ConnectSafely.org, a non-profit Internet safety organization and it’s a 5 and a-half min length video.

Enjoy!

As announced in Facebook’s official blog, they have introduced two main new security features to further protect their user accounts from hackers and scammers.

From now on, users can choose to be notified when their accounts are being accessed from the computers or mobile devices they haven’t used before. Should Facebook detect any suspicious login with the user account, they will ask the person to name the device name, in addition to send an email notification to the account holder as a warning message.

However, to enable this new Facebook security feature, Facebook users have to log-in to their accounts and manually configure the following setting:

1) Log in and click on “Account” at the top right of the page

2) Then on account page, click on “Settings”

3) On the Account Settings page, click on “Account Security”

4) The last step is to change the selection from No to Yes, as shown in the below picture.

Meanwhile, they also add a new layer of security that works at the personal security question; whenever there is a suspicious login, Facebook will prompt the person for identity confirmation.

In fact, the back-end mechanism of these features is targeting at the IP level to automatically match the IP address of one logged in to Facebook, and hopefully these new additions can help to further protect Facebook users from malicious individuals.