What many folks don't realise is that Facebook is much more than a social networking website; it's a platform with over half a million active applications running upon it.
Inevitably some of these third-party applications are written with malicious intent - designed to steal information, spread virally, or spam unsuspecting Facebook users. Anyone can write a Facebook application, and it can be made available to the site's 500+ million users without any vetting by Facebook's security team.
So, it's no wonder we see so many malicious attacks by rogue Facebook apps every day.
Last week, I asked a simple question of our blog readers:
Should Facebook follow Apple's example, and have a "walled garden", verifying all apps?
and the response was a resounding "Yes".
I'd love to see Facebook follow the example set by Apple when governing the iOS App Store. Apple checks every app submitted to its store, but Facebook does nada, preferring things to be relaxed, free and easy. It would certainly make life much harder for those scammers, identity thieves and con artists who are actively exploiting users via rogue applications right now if a rigorous verification system were put in place.
Or, at the very least, Facebook could do what some members of the Sophos Facebook community suggested, and give users a security option meaning they would only be able to install Facebook apps that had been verified - and not be pestered by apps that hadn't bothered to go through the process.
The question now is - are Facebook brave enough to take the step for the benefit of their users? Let's not forget - this is people's personal identities and information that are at risk.