Facebook appears to be controlling 'wall spam'

On Sunday, I had an e-mail alert about someone writing on my Facebook wall--a college acquaintance with whom I hadn't spoken in quite some time. As it turns out, I was a victim of "wall spam," a recent phenomenon on Facebook in which automated spam posts show up on members' message walls. It's similar to a wave of profile spam that swept News Corp.'s MySpace a few years ago.

The message in question read, "Some thinks you are special and has a hot^crush on you. Find out who it could be!! ;)" with a link to a Flash file claiming to be hosted on the imageshack.us domain.

But by the time I navigated to my Facebook profile to get rid of the spammy (and possibly virus-ridden) message--within an hour or two of the notification showing up in the first place--the wall post was gone. This means one of either two things: someone else saw the message on my profile and flagged it, or Facebook is actively policing the site to keep it under control, probably by searching for duplicates of a known spam message.

Of course, an hour or two is still a big enough frame of time for people to click on the link and get their computers loaded with some nasty new malware.

I've asked Facebook for comment on exactly what their strategy is and whether any members' login credentials are getting compromised by this spam or virus. I'll update when I hear back.

"Wall spam" rose to notoriety earlier this month, when members started noticing the phenomenon, and security firms started flagging worms that were spreading via Facebook members' walls and installing malware when a link in the message was clicked. The company has recommended antivirus fixes and says it's acting fast.

The Silicon Alley Insider reported earlier this month that Facebook had been deactivating links in identified spam posts; removing the posts entirely is a more aggressive measure.

"If we get a report of a bug or a hole from a user, a security researcher, a reporter, blogger, or anyone, we check it out and fix it as quickly as possible," Facebook security chair Max Kelly wrote several weeks ago on the company blog in response to another virus. "In fact, we appreciate it when help comes our way from the many security experts and organizations out there."

[cuwickliffe]

I also some some weird stuff this weekend, but rather than through wall spam, I got messages in my inbox that purportedly went to a site that kind of looked like YouTube, but obviously wasn't and used an onLoad parameter to try to download an .exe file. These were "from" people I never talk to, but are on my friends list.

[jason21193]

I also along with a few of my friends received an e-mail over the weekend that said RE: Hi My Friend. "Is This You Having Sex" and a bunch of letters and numbers which appeared to be a link to a video but it wasn't one of my friends made the mistake of opening it and it sent everyone he knew on his friends list and sent them the same message from his profile what the worm actually does I do not know but be advised DO NOT OPEN ANY OF THESE MESSAGES. Facebook manage to catch a couple of these but it went out in such a large quantity some slipped through the cracks so be careful

[Harrison912]

I use FaceBook primarily to raise awareness for my safety and security web site and products so I am always concerned about safety since it's my business. I appreciate everything FaceBook is doing to keep the community there safe.

[Tinman52]

So, did you click on a bad email or is you're profile not restricted to just friends? Either way, unless I'm misreading the article, if you're getting random wall messages, it sounds like user error.

[mhcb13]

haha... www.fanebook.com
watch out for it