And it's getting worse by the day as scammers figure out clever new ways to trick unsuspecting users.
Here are three of the most popular scams on Facebook, all of which have become more pervasive in recent months, according to the report by Sophos Security:
- Likejacking Worms: Scammers set up a website promising a titillating story, i.e.: "LOL This girl gets OWNED after a POLICE OFFICER reads her STATUS MESSAGE." Then they trick thousands of users and their friends into "liking" the page, really an empty placeholder. Scammers profit from the traffic.
- Survey Scams: Similar deal: A super-juicy news story is promised: Ex. "OMG! Look what this kid did to his school after being expelled!". You have to "like" the page and fill out a quick survey before reading the story. Whoops: you just gave scammers a commission for filling out the survey, and helped the scam spread by sending it to all your friends.
- Fake Applications: Want to see who viewed your profile? You can't! That hasn't stopped scammers from creating fake applications that purport to let you see who's checking you out on Facebook. Instead, the applications just send you to a survey, and automatically broadcasts a link to all your friends. Scammers win again.
And this doesn't even include Farmville!
Facebook claims that, while the volume of scam attacks has increased, the effectiveness of its efforts to combat them have ramped up proportionally. "If your spam filter catches all the spam, does it matter if your filter caught 10 percent more," the company said in a statement. And Facebook has successfully sued some spammers into oblivion.
But new scams surface almost daily and sweep across thousands of profiles (even as the most notorious scammers are stomped out). Like good bloggers, scammers know what gets clicks, and the same features that make it easy to share legitimately crazy stories about, say, second graders having oral sex, lets any scam story spread just as quickly. And now that Facebook is considering letting third-party apps access your address and phone number, the stakes of falling for a scam just got that much higher.
It's getting eerily reminiscent of the dog days of MySpace, when your profile buckled under spam posts from SexxxyLady69 telling you she was lonely, and won't you click this link to meet her?