[raesene]

There have been some interesting cases where fraudsters have hijacked facebook accounts and then used them for targeted phishing attacks.

One example of the attack http://techcrunch.com/2009/01/20/latest-facebook-scam-phishe...

In those cases the fraudsters have stolen the account completely and locked the original user out, but I guess it's that kind of attack + the information leakage aspect that could be a concern..

[koevet]

Yes, true. Something similar happened to me when a I have received an email (gmail) from a friend asking for money because she was stuck somewhere. Similar pattern. It's interesting to notice that this social engineering attacks are easy to carry in a place like US, where there is one common language. I immediately detected that the mail was a fraud, because this person would have never write to me in English.