Early on Monday I blogged about the iPhone and iPad tester scams which had been affecting many Facebook users' accounts, posting images on their walls in an attempt to direct the unwary into the arms of the scammers.
It appears that one person who missed my blog entry was Facebook CEO Mark Zuckerberg (that's okay, I guess he's busy with other stuff). His friend Erica had her account messed around with by the scammers, who posted an image of an iPhone 4 into one of her Facebook photo albums.
Zuckerberg was obviously suspicious if the photo (with link to a dodgy scam website) was legitimate or not, posting
Is this real or did your account get hacked?
as you can see in the screen capture below.
Nice one Mark! Even though you weren't sure if it was a scam or not, at least you suspected that something fishy was going on. At this rate you might get yourself a career in SophosLabs if your current job falls through.
Although of course, Zuckerberg posted this 10 hours ago. And Sophos posted its warning about it on our Facebook page at 00:41 UK time on Monday. That's about 42 hours earlier.
And at the time of writing, the malicious message in Erica's photo album is still there - and presumably many thousands of others continue to carry the scammer's link even now. You would think that with friends in such high places, Erica's Facebook account would have been cleaned up by now at the very least.
But hey! Better that he said something about Erica's security problem than ignored it. If only Mark Zuckerberg were keeping a close eye on all of our Facebook accounts.
Everyone must take more care when they're online as right now we're all making it too easy for the scammers and cybercriminals to spread their attacks. Over 22,000 people have already joined the Sophos page on Facebook to be kept informed of the latest security threats - we'd be delighted if Mark Zuckerberg and Erica were the next.
Hat-tip: Thanks to Clu-blog reader Daniel Hadfield for bringing this to my attention.
Update Someone must be reading my blog. Erica's hacked Facebook post (and picture), which I had linked to above, have been removed.