Interesting IT World article about how social networks have become the latest information feed for social engineers in the identity theft ballgame:
With e-mail and IM spam and Internet scams, the whole social-engineering game is to get you to trust a stranger. But social networks are different. The goal there is to get you to believe the fraudster is a friend whom you already trust.
If you're on Facebook, you've no doubt got a bunch of friends. And if you're like most Facebook users, you're certain those friends are exactly who they say they are. And you might be right. Or you could be wrong. They could be scammers posing as your friends.
How hard is that, exactly? It turns out to be hideously easy to do.
The author discusses how the gap between someone's MySpace and Facebook friends (or, possibly Facebook and LinkedIn contacts) could be exploited for social engineering. He talks about Facebook as presenting the "perfect storm of fraud factors," which is somewhat ironic since the geniuses at Facebook haven't even really figured out how to get the cash flowing yet -- just wait until the scammers target the plug and play PayPal app and it's game on for the Nigerian Prince E-Publisher's Clearinghouse brigade.
Maybe this type of social engineering nastiness will be the one thing that can slow Facebook's meteoric growth. Regardless, the stricter you are about the definition of the word "friend," the better.
(FYI There's a Twitter virus on the loose as well. I guess it comes with the buzz, eh?)