The community forum on Facebook's Help Center has become overrun by spammers, making the self-help support community effectively useless.
The spam messages, which at the time of writing are claiming to offer ways to watch live streaming video of American football games, appear to have been posted by bogus or compromised Facebook accounts.
Clicking on the links typically takes you to a webpage which asks you to hand over your email address, claiming that you will be sent a program that will allow you to watch live streaming video of football games. The potentials for abuse or malicious attack are obvious - and we would recommend that no users click on the links.
The alarm was first raised about the spam attack by the
unofficial Facebook privacy and security blog. Hours later, new spam messages are still appearing on the Facebook Help Center.
Could it be that the spammers are taking advantage of the Thanksgiving holiday weekend, when Facebook's security team may be more lightly staffed than normal?
Certainly it's embarrassing for the social networking website to have one of its own pages hit so significantly by spammers, when it has recently been lauding its achievements in the fight against Facebook spam.
With approximately 800 million users on Facebook, spammers will continue to seek out holes in the site's armour and try to trick the unwary into clicking on their links. To have the best chance of success, Facebook needs 24 x 7 protection, every single day of the year, and to raise awareness of the risks amongst its userbase.
Make sure that you keep informed about the latest scams spreading fast across Facebook and other internet attacks. Join the Sophos page on Facebook, where over 150,000 people regularly share information on threats and discuss the latest security news.
Follow @gcluley
Hat-tip: The unofficial Facebook privacy and security blog.
I appreciate all the warning info that Facebook itself should be making public to it's users.For not for Sophos I & others would not be aware of the dangers facebook provides us.Thank you Sophos & keep up the great work.
Sophos is a priceless resource that I wish more people knew about. Facebook kind of sucks in a lot of ways, but until someone builds a better social networking site, FB is it. With that status comes all of the attacks, and everyone should be very wary about what the click on and where they go.
I have seen this American football horses*** on a different site's forum page that I moderate on, but still why do people spam post this stuff is it as a bad joke or just trying to be foolish I shall never know why people do this stuff it should be illegal to do something like this!
I think often the link that is in those posts goes to Questionable sites that really have nothing to do with what is indicated by the link. my suspicion is the posters get/or think they will get pennies for each click that gets to the said questionable web site.
Facebook at times appear to be doing little to stop that spam, to point at times it looked like they did not care.
my facebook was disabled supposedly for sending spam they will not let me contest or correct what ever I supposedly did wrong the first of Dec. I never to best of my knowledge sent spam,I have shared stuff from Sophos, Facecrooks, Hoax-Slayer,etc trying to help keep extended family and friends safe.
I have read and reread the facebook rules and see nothing there I did.
A big thanks to Sophos and Mr Cluley for attempting to keep people safe on facebook
The spammers are back in the help center (August 2012) - it started a week or two ago and now it's escalating. I've been reporting every single one but now there are beginning to be too many to report. If it's possible, please alert Facebook again like you did last November!!!!