Where's the one place you can throw up mysterious, shortened URLs and know people will unsuspectingly click? Social networks! And Facebook is especially dangerous, since said links appear to come from trusted friends within a private network.
It seems like hackers are catching onto the gold mine of potential "victims" available on Facebook. And while awareness for email phishing scams and viruses is fairly widespread, watching out for these types of attacks on Facebook is just now making its way into the news.
Here's a quote from a recent Microsoft report on the incidence of phishing on social networks:
"Phishing sites that target social networks routinely receive the highest number of impressions per active phishing site. The percentage of active phishing sites that targeted social networks increased during the final months of , but still only accounted for 4.2 percent of active sites in December, despite receiving 84.5 percent of impressions that month."
In other words, phishing on social networks is still a pioneering trade, but criminals are receiving high impressions (most likely because these links seem to come from a trusted source).
To combat this threat, two University of California, Riverside students have partnered with StopTheHacker.com to develop an application called MyPageKeeper that detects spam and malware posted on Facebook walls and news feeds.
Basically, the application scans your wall and news feed, and anytime it detects something that looks malicious, it notifies you and invites you to remove the content.
You can download MyPageKeeper here. (You can trust the link—I promise.)