It may be the case that users inadvertently share or post bad files or links on Workplace. We are uniquely placed, as a SaaS vendor, to protect users against being exploited by all manner of phishing and social engineering attacks. As a core part of maintaining the security of information on Workplace, we implemented controls to mitigate this risk.
- Every time a user clicks on a link in Workplace, that request will be routed through our systems, which check in real time if the site is dangerous. If the site is found to be dangerous, the system will interrupt the request and notify the user.
- Similarly, files uploaded to Workplace will be subjected to deep inspection by multiple integrity systems and blocked if they are identified as malicious.
- Workplace also has limits to prevent abuse of our features and to protect people on your community from spam and harassment.
Being able to run a check at click time (i.e. when a user clicks on a link) enables us to have more sophisticated classification than what we have at display time (i.e. when the link is displayed). In addition to our own internal list and integration with external blacklists, we use advanced machine learning classifiers to check the authenticity of the sender along with a slew of other inputs.
The link protection service also allows us to protect users who consume content via email. If we relied on display-time filtering or other means alone, we would not be able to retroactively block any malicious URLs that had been sent over email. To help defend against this threat, all links to non-Workplace URLs in email are rewritten to first go through the link protection system. By building our system to use click-time checks, users clicking links in their notification emails will still be prevented from seeing malicious or spam contents.
As Facebook has grown, our need to regulate the content put onto the platform has also grown. Over the years, Facebook has implemented numerous automated policies to try and ensure that our platform is safe for our users and that we do everything we can to prevent bad actors from using the platform.
Workplace inherits a number of these automated policies, to the benefit of us and our users. One of these policies is the detection and flagging of malware. If we detect malware being uploaded by a user, we will inform the user and create a security log for an admin.
We scan files using our anti-virus/anti-malware scanning service and check our repository for any files that we believe to be malicious. In order to better protect users of Workplace, it's useful to keep track of the bad actors. The data describing bad actors and their attack vectors is commonly referred to as threat intelligence, which comes from an industry exchange of malware signatures. At Facebook and Workplace, we collect, store and rely on our threat intelligence systems to improve the security of our services.
Check malware uploads reports
To see how many malware uploads have been blocked: