And it's stuff like this "Facebook Password Reset Confirmation. Customer Message." I received recently. (Those two periods add legitimacy to the subject line. Not.) It read:

Hey alex,

Because of the measures taken to provide safety to our clients, your password has been changed. You can find your new password in attached document.

Thanks, Your Facebook.

I flagged that email as bad quicker than a scalper makes a cop outside Yankee Stadium (to use a timely analogy). It wasn't just the "Hey" or lower-case "a" in Alex, which is not my Facebook name anyway. I thought the "Thanks, Your Facebook" at the close was a nice touch, though of course the proper response is, no, your Facebook.

Seems to me that such security issues are more serious issue for social-networking sites than anyone has yet acknowledged. I believe the patina of friendly interaction, and the good-natured communication which Facebook inherently invites, has raised less of a reaction than if similar problems had occurred on a "regular" site.

Think what Amazon would do if its customers were constantly being bombarded with attempts to steal their credit card numbers.

Which is not to say that Facebook isn't working hard to stanch this stuff. It is. (Check out Facebook's blog as well as its developer wiki.)

However, Facebook is fighting a battle which it appears ill-equipped to win. That's because the security problems facing Facebook aren't due to lapses by the site so much as their occur precisely because of its very nature. So, if you corrected the problem by locking down Facebook, it wouldn't be Facebook.

Because, hey, if you can't trust your friends, who can you trust?

Follow me on Twitter: (@awolfe58)

What's your take? Let me know, by leaving a comment below or e-mailing me directly at alex@alexwolfe.net. Like this blog? Subscribe to its RSS feed: (here)

 My videos on ( YouTube)

 Facebook 

  LinkedIn

Alex Wolfe is editor-in-chief of InformationWeek.com.