Second rogue application attack this week

Facebook has suffered its second malware attack in a week, after it emerged that a rogue application has been posting notifications to user profiles containing malicious links.

This time the scam took advantage of the publicity surrounding the proposed new terms and conditions for the popular social networking site.

The message read: "[Friend's name] has just reported you to Facebook for violating our Terms of Service. This is your official warning! Click here to find out why you were reported! Request Facebook look at what has happened and rule immediately."

Users following the link had an application called 'facebook - - closing down!!!' installed on their PCs. This then spammed all of the affected user's 'friends' with the same message, potentially collecting personal information as it went.

"It sounds like this could be a new favoured trick being used by spammers and identity thieves to build up their databases of intended targets," wrote Sophos senior technology consultant, Graham Cluley, in a blog post.

Rik Ferguson, solutions architect at security vendor Trend Micro advised Facebook users to exercise extreme caution when surfing.

"Surely these two events in just a single week mean that it’s about time that Facebook reviews its application hosting policy," he added.

"Prevention of rogue applications with extremely dubious intent to propagate freely within the site is needed."

The scam follows another attempt earlier this week to trick Facebook users into installing malware. An 'Error Check System' application sent notifications to Facebook users stating that one of their friends "has faced some errors when checking your profile", and prompting them to click a malicious link to "View the Error Message".