Recently many of us got spam labeled facebook friends name from an unknown email address, well that all was due to facebook hole. These are vestiges of an attack that exploited a misconfiguration on Facebook that was fixed last week, according to Facebook.
” Recently, we discovered a single isolated campaign that was using compromised e-mail accounts to gain information scraped from Friend Lists due to a temporary misconfiguration on our site. We have since enhanced our scraping protections to protect against this and other similar attacks and will continue to investigate this case further. To be clear, there was neither a mass compromise of Facebook accounts nor any leak of private information.
To help protect our users, we’ve built enforcement mechanisms to quickly shut down malicious Pages, accounts, and applications that attempt to spread spam by deceiving users or by exploiting several well-known browser vulnerabilities. We have also enrolled those impacted by spam through checkpoints so they can remediate their accounts and learn how to better protect themselves while on Facebook.
Beyond these protections, we’ve put in place backend measures to reduce the rate of these attacks and will continue to iterate on our defenses to find new ways to protect people. In addition to the engineering teams that build tools to block spam we also have a dedicated enforcement team that seeks to identify those responsible for spam and works with our legal team to ensure appropriate consequences follow. “
Hope the spam stops soon because not everyone will notice that the e-mail didn’t come from a friend, and some people might actually click the link in the message. Have a safe web