How much would your Facebook account bring you if you sold it? According to VeriSign, just a couple of pennies. I spotted an article on Dark Reading the other day detailing a recent black market advertisement for over a million Facebook accounts, sold in 1,000 unit increments for $25-$45. About 2 to 4 cents per account, which highlights how easy it has become for these accounts to get compromised and used to spread malicious software.
This little fact just shows you how prolific Facebook has become as the new medium for malware delivery, replacing traditional e-mail. It also is an ominous indicator to the fact that people are much more trustworthy of links coming from their favorite social networking site than they are about the fishy e-mail in their inbox.
Most users are now aware of the basic "Don't open attachments or links from suspicious emails" mantra, but we have a ways to go before that education extends to social networking. The key is getting our users to understand that Facebook, Myspace, YouTube, a website, and e-mail are all simply modes of transportation for a malicious link or attachment to be delivered, and the same due diligence should be paid to each.