Summary: Facebook has confirmed the volume of spam on its service is growing faster than its user base. Still, Facebook blocks 200 million malicious actions, such as messages linking to malware, every day.
Facebook has employees who fight spam on a daily basis, via various automatic methods as well as manual verification to filter out unwanted content. These are all reactionary methods, since spammers quickly modify their attacks. “It’s an arms race, and our goal is to be one step ahead,” Pedram Keyani, a Facebook engineering manager in charge of the effort, told The Wall Street Journal. “This is a game where there is never going to be a winner or a loser. We’re just going to be battling it out.”
In 2008, Facebook had just four engineers working on site integrity, a team which scans for spikes in what users report as spam and other unusual activity (such as friend request rejections). Today, it has 31 members, plus a separate security team of 46, and another 300 focused on user issues. Some 1,000 engineers, lawyers, user-operations managers, and risk analysts (out of Facebook’s 3,000 employees) help in some way to fight spam.
Social spam, the type of spam present on social networks, is worse than its predecessor because it often appears to be from a friend. Criminals like being able to spread messages through a chain of trusted sources: they often create fake Facebook profiles and then friend people they don’t know. If a real person then clicks on a malicious link, installs a rogue app, or downloads a piece of malware, the spam spreads by tricking his or her friends to do the same.