Facebook Security: How to Spot, Engage and Disarm Scams and Spam
Many Facebook scams entice users with intriguing Wall posts that usually advertise some sort of lurid photo, or offer extra Facebook functionality, such as seeing who viewed your profile or installing a 'dislike' button. The notorious 'Koobface' scam is a perfect example. This scheme spread via links that reportedly led to racy videos. Clicking on the link, though, would infect a user's computer, and plaster the exact same message all over their friends' Walls. Since then, others have used essentially the same formula.
Fortunately, most of these scams are pretty transparent. First of all, if you receive a Wall post or message from someone with whom you don't normally interact on Facebook (or, for that matter, in general), it's probably not a genuine post. Most of them also use the same kind of Web lingo. If you see an 'OMG' or 'LOL'-laden post from someone who never LOLs, you should avoid clicking. The attached links, moreover, are usually sheathed in some sort of code, rather than a typical, 'www...' URL.
Other malware can spread via Facebook applications. These scams may spread via the same Wall-post mechanism, but eventually ask a user to grant an "app" access to their Facebook profile. Once access is gained, the rogue app can harvest your personal information. Don't worry, though. You can regain control over your apps by adjusting your settings under the 'Privacy Settings' tab at the top right corner of your Facebook homepage. Here, you can choose to remove all 'spammy' applications with a simple click, or adjust how much personal information is available to all of your other apps. (Just to be safe, we'd recommend unchecking all the boxes.)
Good Samaritans, meanwhile, can always notify Facebook whenever they spot some new scam, by visiting the security section in Facebook's Help Center.