Karina Wells, a Google employee in Australia, received a Facebook message from a friend on Friday saying he was stranded in Lagos, Nigeria and needed $500 for a plane ticket home. What made her suspicious was her Australian friend's use of American terms like "cell phone" instead of "mobile."
So, Wells pretended that she was going to send the money via Western Union and instead turned the case over to authorities, according to The Sydney Morning Herald.
Other Facebook users might not be so wise. Such Nigerian scams are common over e-mail but not on Facebook where you are only supposed to receive e-mails from friends in your network, unless one of them has had their account compromised.
"E-mails from social-networking sites are much more likely to get into our e-mail accounts in the first place, since they don't have the obvious hints that botnet spam does (such as a known-bad sender IP address, or known-bad headers, or known-bad e-mail construction) causing them to be filtered out," Graham Cluley, a senior technology consultant at security firm Sophos, writes on his blog.
"But this incident is going one step further," he continues. "We will no doubt see more electronic conmen using stolen Facebook identities to steal money directly from the innocent by posing as their online buddies, unless more people take greater care over securing their computers and personal data."
Basically, the message is don't trust any message just because it looks like it comes from a friend, and verify information before you do anything. Oh, and keep your own PC updated with the latest antivirus and firewall software and operating system updates.