In the realm of Web 2.0 we see a prevalance of information sharing, especially in social-networking sites such as MySpace and Facebook. While there is nothing wrong with information sharing, there have been many concerns about privacy, productivity at work and a new platform for threats.
How is using Facebook a threat you may ask? Many people do not realize that their profile may be too “open”, allowing unintended people to view their profile. Unless you specifically choose not to allow strangers to contact you, you are susceptible to receive messages and wall posts. This means you can get those annoying spam messages about buying penis pills, fake Rolex watches or even worse, scam messages attempting to get your money.
See our article on Facebook best practices on how to protect your Facebook account.
Spammers typically target mediums which require the least amount of money (i.e. sites that are free to sign up). In order to send or post messages on Facebook, you must register a free account. This can be a tedious job for a spammer to do all day, and is potentially traceable by the IT staff at the target website. Spammers have now collaborated with, or started becoming malware authors. They will use or write a program such as Troj/Noreger-A (see below) to automatically register accounts on Facebook for the purpose of account exploitation.
What this means is that you should better screen users claiming to be your friends and don’t fall prey to spam messages.