Account hacked? Facebook appears to have extended its partnership with McAfee to offer users a free 6-month trial of anti-virus software as part of Facebook’s “Roadblock” account restoration tool. Facebook announced a one-year partnership with McAfee in January 2010, but now the Roadblock tool — complete with McAfee branding — is being promoted in links from the official Facebook Security Page and the Help Center.
Helping users rid their profile and computer malware like Koobface and Yahos keeps security threats from spreading on Facebook and increases overall trust in the site.
The Koobface worm, which used stolen accounts to spread itself through Facebook Messages, became a major security issue in 2008. In addition to infecting their profile, the worm installed malicious code on a user’s computer that could help it spread later, so Facebook worked with Microsoft to develop a joint solution.
Though the two prominent worms have been mostly eradicated from Facebook, those who suspect they may be infected can visit Roadblock, and Facebook asks users to recommend the tool to friends who may have been hacked.
Fred Wolens of Facebook’s Public Policy team tells us “Roadblock was built in conjunction with McAfee and protects users from various malware strains that target Facebook, including Yahos and Koobface.” While he declined to comment on details of the Facebook-McAfee partnership, had it not been extended it would have expired in January 2011.
After verifying their account with an email code or security question, learning about how Koobface spreads, and changing their password, users a provided a link to McAfee. There they can start a free trial of the anti-virus software for PC, a $20 value.
The extension of the partnership benefits McAfee, as users need to enter their contact information to start the trial, seeding future sales of the anti-virus software. Facebook gains by reducing the chances that worms like Koobface will resurface. The interconnected nature of the the site makes it vulnerable, so Facebook must combine pre-emptive and reactive threat reduction strategies to improve the public’s perception of the service’s security.