There's the Osama bin Laden death video that downloads a virus into your computer. A sting known as the grandparent scam in which fraud artists plead desperately for money, pretending to be young relatives. And a new one just surfaced that steals your personal information by advertising a 20 percent cash rebate for users who link debit cards to their Facebook account.
People are used to con artists pitching them via email. Who hasn't received a sketchy alert that they've won an African lottery, inherited millions from a long-lost relative in Eastern Europe or had a security breach of their bank account?
But Facebook, with its network of "friends," has a way of making people let their guard down.
"We've all been dealing with email spam for 10 or 15 years now, and we've gotten darn good at it," said Chester Wisniewski, a senior advisor at Sophos Ltd., a provider of corporate data security systems.
"But it's a lot more convincing when you think you're hearing from your cousin than getting something filled with spelling errors from a random stranger in Russia."
Sophos calculates that straight email scams have dropped 30 percent over the past year or so, and Wisniewski said widespread anecdotal evidence shows social-media scams have surged.
In 2011, a federal Internet crimes center logged 314,246 complaints with losses totaling $485 million, the third straight year of more than 300,000 complaints.
Some scams involved emails that appeared to be from Facebook itself, or popular games such as "FarmVille" or "Mafia Wars." And, armed with user names and passwords, thieves will hijack Facebook accounts to target people on their friends list.
A simple scheme might use a template from a genuine Facebook email to ask millions of people to update their security questions because of unauthorized access attempts against their accounts. Then the scamsters snatch your personal information.
Still more vulnerable are the many users who accept all friend invitations, along with those having low or no security settings on their accounts.
"Even if you don't friend someone, if you post things publicly or share lots of information with a compromised friend, your information is still available," Wisniewski said. "If something is truly sensitive, it is best not published on the Internet."
Schemes in which criminals pretend to be a desperate relative in need of help appear to be among the most brazen.
The so-called grandparent scams gather information about the target person, their family, friends, even dogs and cats. Then comes the appeal, laced with personal details, typically in a muffled and distraught phone call saying a young loved one needs cash quickly to get out of a jail or a scrape in Eastern Europe, Asia or Latin America.
"I prefer to call them 'relative in distress' scams since that's the general scenario," said FBI spokeswoman Laura Eimiller in Los Angeles.
"It looks like it's coming from a friend," said Jenny Shearer, an FBI spokeswoman and cyber crime expert.
"As always, we advise people not to click on links in strange messages, even if those messages have been sent or posted by friends," a Facebook spokeswoman said.
Our new comment system is not supported in IE 7. Please upgrade your browser here.