The malicious e-mail messages were of the garden variety for scams: poor grammar, misspellings, and a request to visit an external site that included the domain name www.151.im, www.121.im or www.123.im (do yourself a favor and don’t click on those links). Once there, users were asked to log in again with their Facebook user ID and password, and boom — suddenly, your information is released and becomes a vehicle for spamming.
A Facebook spokesman told the New York Times that Facebook was “blocking links to new phishing sites, cleaning up phony messages and Wall posts and resetting the passwords of affected users.” The number of those affected is undetermined.
There are many ways to protect your identity on Facebook, including varying your passwords, changing privacy settings and keeping a close eye on the domain name. Also, if your college-educated friends start typing like third-graders, something’s probably up.