Facebook spam is nothing new, nor for that matter is Facebook malware. While we are on the 'nothing new about Facebook' theme: ever since grown-ups started to invade it, the social network has suffered a tad from 'phoney friend syndrome.' I mean, come on, do you really think that Barack Obama is your friend just because a social network says so?

This problem of collecting Facebook friends like some weird hobby is starting to cause real problems, not least because the bad guys have hooked onto the fact that it makes for a great way to spread malware. And that's exactly what is happening right now with the whole Koobface thing, which seems to go from bad to worse.

Ever since Kaspersky first warned of the dangers of Koobface, people have apparently been ignoring the warning because the menace continues to spread.

Although Facebook itself says only a "small percentage" of users have been hit by the latest attack, the fact that Koobface is back has to be a worry. After all, a small percentage of a multi-million userbase is actually quite a lot of people, and rather a lot of infected Facebook friends.

So what can you do to avoid falling victim to Koobface? Facebook itself offers some sage advice, not just about the latest Koobface threat but in general when it comes to security matters on the social network:

  • If a link or message seems weird, don't click on it. This is true of all spam—whether a chain letter, an ad, or a phishing scam. If it seems weird for an old friend to write on your Wall and post a link, that friend may have gotten phished. Let the person know, and don't click on links you don't trust.
  • Be aware of where you enter your password. Just because a page on the Internet looks like Facebook, it doesn't mean it is. Learn to tell the difference between a good link and a bad one.
  • Don't use the same password on Facebook that you use in other places on the web. If you do this, phishers or hackers who gain access to one of your accounts will easily be able to access your others too. You might find yourself locked out of your email and even your bank account.
  • Never share your password with anyone. Don't do it. Facebook will never ask for your password through any form of communication. If someone pretending to be a Facebook employee asks you for it, don't give it out, and report the person immediately.
  • Don't click on links or open attachments in suspicious emails. Fake emails can be very convincing, and hackers can spoof the "From:" address so the email looks like it's from Facebook. If the email looks weird, don't trust it, and delete it from your inbox.
  • Add a security question. If your account ever does get stolen, you might need this to prove your identity to Facebook. If you haven't already done so, you can add a security question from the "Account Settings" page.