Later today, Facebook is widely predicted to announce a new email system for its 500 million users.
Some commentators, such as Craig Newmark of Craigslist fame, are already predicting that a Facebook email service will go further than being a Gmail-killer, and actually raises hopes of a spam-free future too.
Umm.. I think everybody needs to calm down a little. Because it’s time for a reality check.
Newmark writes about the (let’s not forget, as-yet-unannounced) Facebook email service:
you might tell Facebook email to only accept email from people with Facebook-verified identities. You might have different levels of email priority, from friends, fans, friends of friends, and so on.
(People might link their outside email addresses with their Facebook profiles, and you might choose to accept those.)
Spammers can create their own Facebook identities to try to work around this, but that's way more expensive than getting temporary email addresses, and that raises the cost of spamming people.
If Facebook does introduce an email service, let’s call it “FMail” for reasons of cuteness, then it won’t be the end of spam. It may, however, mean more of a different kind of spam.
As we revealed in our security threat report earlier this year, reports of spam attacks occurring via social networks have been rising dramatically.
Cybercriminals are compromising the accounts of Facebook users, and using their accounts to spread spam messages. It could be argued that using this method of spreading spam is more effective than traditional email spam, because users are more likely to open and trust a message which appears to have been sent by someone they know – one of their Facebook buddies.
So, just because you receive a message from a verified Facebook user who you have already connected with doesn’t mean that the email is kosher. All it means is that the Facebook account was used to send the spam.
More emphasis by Facebook on email could mean that the social network becomes even more attractive for spammers to abuse.
Others, including such luminaries as Bill Gates, have predicted the death of spam in the past. Hopefully others will learn to be a little more cautious with such predictions in future.
Don’t forget, cybercriminals are like a horde of hungry lions looking for their next meal. If they see a whole bunch of zebras (users) congregating in one place (Facebook) for a quick drink at the waterhole, don’t be surprised if they focus their attention there. Spam makes the bad guys money, so they’re going to carry on finding ways to send spam for as long as they can.
We’ll certainly be watching Facebook’s announcement later today about Fmail with interest, and will be keen to see what they have to say about email security.