Facebook members have been hard-hit recently by hackers and spammers who send messages through someone's Facebook account to all their friends - the message typically contains a single link, which generally points to a phishing attack with a page that looks like the Facebook login page that you get when you follow an internal Facebook link before logging in, like the ones that are sent in official Facebook notification emails. We can guess that people who follow those links and enter and submit their information should expect their accounts to be similarly compromised.
The recommendation I received when I reported one of these many incidents to the Facebook abuse team was to inform my friends to change their passwords and contact firstname.lastname@example.org to verify the security of their accounts.
Wishing you the safest Internet experience!
Registered Linux User #370740 (http://counter.li.org)