Facebook just launched a new notification feature that will alert you if the social network strongly suspects that your account is being hijacked or targeted by hackers working in the interest of a nation-state.
The message, which you can see below, recommends users to turn ON "Login Approvals," so that their Facebook accounts can only be accessed using stronger two-factor authentication.
Facebook insists that some necessary steps are already taken to secure users' Facebook accounts that may be targeted by hackers, but the company has also stepped up to directly warn its users when a government-sponsored attack is under away.
In a blog post published Saturday, Facebook Chief Security Officer (CSO) Alex Stamos announced that this step to secure accounts is necessary "because these types of attacks tend to be more advanced and dangerous than others."
Stamos added that "it's important to understand that this warning is not related to any compromise of Facebook's platform or systems and that having an account compromised in this manner may indicate that your computer or mobile device has been infected with malware. Ideally, people who see this message should take care to rebuild or replace these systems if possible."
But, this raises a question in my mind:
How exactly does the social network know that an account is being targeted by a government-sponsored hacker?
Facebook isn't disclosing how it would be able to differentiate between accounts compromised by a nation-state's hacker and smaller-scale attacker, saying that it has to "protect the integrity" of its methods and processes.
However, the social network giant promises that the company will only use this new warning notification "in situations where the evidence strongly supports [their] conclusion."
Facebook recommends its users to:
- Rebuild or Replace any system that may have been infected with malware
- Turn ON Login Approvals
Enabling login approvals is a good practice to help users keep outsiders from logging into their accounts. In this case, whenever your Facebook account is accessed via new browser or device, the company will send a code to your mobile phone.
So next time when you get any notification from Facebook, take the matter seriously.