Facebook scam - Part 2
This just in from the BBC web site, Symantec have identified a virus that steals user names and passwords, nothing new there. But, if I understand this right, it is delivered through a Facebook invitation from someone you don't know and delivers malware which can then steal user names / passwords and also keylog credit card info.
http://news.bbc.co.uk/newsbeat/hi/technology/newsid_7773000/7773340.stm
Now, I realise that Facebook et al are trying their best to educate their users not to accept invitations from people they don't know, but as per my earlier post about stealing log on details for a mail account / social network, what if the fraudster had the Facebook user name and password of someone who had a load of Facebook friends? They could then send out the malware to all their contacts. This would result in a much increased success rate for the fraudster as the reciever would be much more likely to trust them, not knowing it was really a fraudster at work.
I really don't think that the social networking sites understand the value of the trust that a connection between users engenders, and the associated risk when their accounts are compromised.
