While most Facebook users have never been affected by security issues like phishing attacks or the Koobface worm, those that do fall victim can sometimes have a hard time getting their account back in working order quickly. Historically, Facebook has notified users whose accounts have been compromised via email with instructions for restoring their account.
Now, Facebook is launching a new process within Facebook that includes a more efficient way of checking security, verifying your account, and changing your password. Users whose accounts have been compromised will now see the following wizard the next time they log in:
Talking about the changes, Jake Brill, project manager for Facebook’s site integrity team, says,
It can be an embarrassing experience to log in to Facebook to find that unauthorized messages have been sent from your account and then face questions from friends who have received spam from you.
We’ve spent the last few months improving the way to guide people through the process of regaining access to their account after it’s been compromised and used to send spam. Currently, we send emails explaining what happened and provide links to remedy the situation. Now we’re moving towards a new model that also involves clear and simple steps taken within Facebook itself. In doing so, we can ensure that the person logging in is the true owner of the account, thereby preventing hackers from using it to send spam in the future.
Facebook said it will be updating the process in the future to address the “different threats people may face.”
As Facebook grows beyond 250 million users and many new users are figuring out how to use the service, it’s likely that security threats will continue to pop up from time to time over the coming months. However, Facebook has dedicated a team for a long time to aggressively fighting these security issues through a variety of technical measures – and Facebook is pursuing phishers in court as well. The new, more streamlined account recovery process will hopefully make dealing with accounts that have been compromised easier for both users and Facebook alike.