Facebook head of security Max Kelly, a former FBI computer forensics examiner, wrote a blog post tonight addressing the worm attacks on Facebook we wrote about earlier today. His advice to Facebook users: report suspected malware, and try not to share your password with anyone.
Kelly also says Facebook blocked the ability to link to the malicious website from anywhere on Facebook, although a black list approach like this is a never ending battle. The real solution on an individual level is to bail out of Windows to Mac or Linux where you are (relatively speaking) safe from these kinds of attacks. Of course, if too many of you do that, those operating systems will be targeted next.
A more general solution relies on an awareness campaign about these social hacks by the major sites like Facebook and MySpace. Eventually users will learn to avoid the newest trap, and the bad guys will be forced to invent yet more creative ways to get into your computer.