This new wave of spam, dubbed 'spam 2.0,' has only recently appeared on Facebook's 'wall' feature, but has been seen on MySpace for quite some time. Spammers post deceptive messages that link to spam sites such as online pharmaceutical retailers - a technique that is not unlike cases in which spammers post links to spam sites on blogs and forums.

Facebook wall spamming is a slightly different take on this approach, where spammers adopt their own user profiles to spread these messages and buy or 'rent' these identities from online thieves, according to preliminary research by Internet security firm Fortinet (fortinet.com).

The research revealed that spammers accessed users' accounts using phishing tactics. Earlier this year, a phishing worm was found spreading on Facebook and both incidents may be related, says Fortinet.

The Internet security firm has posted a full advisory on the attack, which includes screenshots, here. The advisory warns social networking site users to be wary of phishing attacks.

Meanwhile, spambots on MySpace have recently adopted more sophisticated techniques, reports Websense (websense.com). These cleverly-designed malformed profiles hide the actual MySpace profile areas so when visitors click on them expecting to see pictures or messages, they are instead greeted with content from spam advertised sites or worse.

"This technique can easily be adapted for malicious purposes, such as drive-by installers, MySpace phishing, and so forth," says Websense researcher Ali Mesdaq. "MySpace has a built-in security feature to catch form submissions to other sites. However, it seems to be reliant on a 'Submit' button being present to trigger the form. Having the warning there is a good, proactive security measure, but if the warning is bypassed, then it does no good."