It seems that the spammers and phishers are making their way over to Facebook in order to wreck another perfectly good website and make it a nightmare for the users.

For those who, don’t know, Phishing is the when people attempt to steal your passwords, or credit card numbers, or other sensitive information in order to take it and Spam other people in an attempt to phish them or make money or wreak havoc with spyware or viruses.

We’ve all seen it and are quite familiar with it. If you have a MySpace you know exactly what social networking phishing and spam is like. We’ve all had fraudulent messages sent to our inboxes, usually with a pretty girl in the picture telling us to go to a certain website, or trying to sell us a product no one really needs. That’s your classic spam. I have to admit the spammers are getting pretty good. I’ve almost been fooled once or twice, but realized that these “people” were not real people before any damage was done.

Phishing is a bit more tricky. It’s typically sent via email, IM, or social networking comments or messages. If you’ve seen friends of your sending out spam comments, then know they are phishing victims. If you click on one of the links in those message you’ll typically be redirected to what looks like a legitimate login screen for whatever site you’re using, but beware. It’s (usually) a clone site that, when you enter your name and password, it is transported into the hands of these online criminals. You just got phished! And now you’ll see your name sending out these fraudulent messages as well.

In the realm of the web, a simple password change usually remedies the problem. The real nastiness happens if the a link you click downloads spyware or malware onto your system. For the most part, this is only a problem for Windows users, as Mac and Linux platforms are immune, in a roundabout way. The common ads for spyware involve telling you that your computer is already infected and you must “immediately download this protection software or else!” These are spread more through websites than social comments and messages, but I’ve seen them there too.

Your best bet is to know what you’re clicking. Once you’re hit with spyware or a virus, you’re pretty much done. You can try to clean it, but in my experience the only real cure is a total system wipe and reinstall.

There are some software packages you can use to protect yourself from most attacks, but nothing is foolproof. Check out Windows Defender, Spybot Search and Destroy, or the Symantec Anti-Virus packages.

And know where you are on the web. Learn the URLs of the pages you’re on. If they don’t look right, don’t enter your password. If you’re unsure, go back to the main page (myspace.com, facebook.com) and enter your information there if prompted.

I’m really upset about the Facebook phishing thing. I mean I knew it was only a matter of time, but I really like Facebook and how much cleaner and nicer it was than MySpace. Now, I haven’t seen any of these phishing attempts in the wild yet, but as time goes on I’m sure it will become more and more prevelant. I hope Facebook catches it early enough to put some real blocking mechanisms in place to stop it before it happens. If not, I’m already setup on Virb and ready to fully migrate there if need be.

For more information on the Facebook Phishing, visit TechCrunch.