It seems that high-profile accounts and Facebook pages might not be the only ones messed with by individuals taking advantage of the bug found in Facebook’s API.
All Facebook’s Hackie Cohen reports about messages peddling a “Facebook sponsored weight loss product” popping up on her Wall, seemingly courtesy of a friend:
Further investigation in the matter showed that the friend who supposedly published the message didn’t actually do it and hasn’t even been to the Facebook page set up by this program.
The page in question only has a link to the online shop where the product can be bought, and according to Cohen, doesn’t appear to install any rogue application on the victim’s profile.
Of course, this may or may not be the result of an exploitation of the API bug. It is also possible that Cohen’s friend has unknowingly fallen for a phishing scam or had his password stolen or guessed by the spammers.
In any case, if something like this happens to you, first change your password, then delete any messages that have been posted form your account in the meantime and check in you Privacy Settings if an application has been installed on your account without your knowledge. If it has, delete it immediately.