Cybercrime is rapidly spreading on Facebook as fraudsters prey on users who think the world's top social networking site is a safe haven on the internet.

Lisa Severens, a clinical trials manager from Worcester, Massachusetts, learned the hard way. A virus took control of her laptop and started sending pornographic photos to colleagues.

"I was mortified about having to deal with it at work," said Ms Severens, whose employer had to replace her computer because the malicious software could not be removed.

Cybercrime, which costs US companies and individuals billions of dollars a year, is spreading fast on Facebook because such scams target and exploit those naïve to the dark side of social networking, security experts say.

While News Corp.'s MySpace was the most popular hangout for cyber criminals two years ago, experts say hackers are now entrenched on Facebook, whose membership has soared from 120 million in December to more than 200 million today.

"Facebook is the social network du jour. Attackers go where the people go. Always," said Mary Landesman, a senior researcher at web security company ScanSafe.

Scammers break into accounts posing as friends of users, sending spam that directs them to websites that steal personal information and spread viruses. Hackers tend to take control of infected PCs for identity theft, spamming and other mischief.

Facebook manages security from its central headquarters in Palo Alto, California, screening out much of the spam and malicious software targeting its users. That should make it a safer place to surf than the broader internet, but criminals are relentless and some break through Facebook's considerable filter.

The rise in attacks reflects Facebook's massive growth. Company spokesman Simon Axten said that as the number of users has increased, the percentage of successful attacks has stayed about the same, remaining at less than one per cent of members over the past five years. By comparison, he said, FBI data show that about three per cent of US households were burglarised in 2005.

"Security is an arms race, and we're always updating these systems and building new ones to respond to new and evolving threats," Mr Axten said.

When criminal activity is detected on one account, the site quickly looks for similar patterns in others and either deletes bad e-mails or resets passwords to compromised accounts, he said. Facebook is hiring a fraud investigator and a fraud analyst, according to the careers section of its website.

But ultimately Facebook says its members are responsible for their own security.

"We do our best to keep Facebook safe, but we cannot guarantee it," Facebook says in a warning in a section of the site on the terms and conditions of use, which members might not bother to read. (www.facebook.com/terms.php)

"People implicitly trust social networking sites because they don't understand the real threats and dangers. It's like walking down the street and trusting everybody you meet," said Randy Abrams, a researcher with security software maker ESET.

Amy Benoit, a human resources manager in Oceanside, California, said she may stop using Facebook altogether after she became entangled in a popular scam. A fraudster sent instant messages to a friend saying that Ms Benoit had been attacked in London and needed $600 to get home.

Sign up to our free newsletters

Get the best updates straight to your inbox:
Please select at least one mailing list.

You can unsubscribe at any time by clicking the link in the footer of our emails. We use Mailchimp as our marketing platform. By subscribing, you acknowledge that your information will be transferred to Mailchimp for processing.