The BBC reports that almost 20% of Facebook feeds serve up malware. The malware is coming from various independently-written apps, not from users home computers.
From the article:
The majority of infections were associated with apps written by independent developers, which promised enticements and rewards to trick users into installing the malware, BitDefender said. . . .
These apps would then either install malware used for spying on users or to send messages containing adverts to the users’ contacts.
Facebook has a thriving community of independent developers who have built apps for the social network.
The vast majority enable users to tweak their Facebook pages, adding widgets, games or extra functions, such as delivering daily horoscope predictions.
Facebook says it is working on the problem.
I have eliminated most Facebook apps; most of the few I use are Facebook apps, rather than third-party apps.
Speaking of Facebook, I received a strange email purporting to be an invitation to join Facebook to see some lady’s pictures that she had posted just for lil’ old me. It had a “click here to join Facebook” link but no “click here to log on” link. And the “click here to join” link went to “Facebook dot com slash somewhere else.”
There was no corresponding message in my Facebook messages and no “friend request” in my Facebook account.
The email was also dressed up to look as if it were one of those Facebook dot com emails, the ones that tell you that you have a message. I inspected the headers carefully; they looked Facebooky, but they just didn’t feel right. The name of the originating server looked off compared to other Facebook emails in my inbox.
I concluded it was a likely phishing attempted disguised as a Facebook invite and discarded it.
I don’t know that it was counterfeit, but I do know that counterfeiters try to make the stuff they make look authentic.