
Facebook Comment Spoofing via Email

A new vulnerability for Facebook users:

From F-Secure.com:

Facebook recently published a nice new feature: Reply to this email to comment on this status.

This seems like a very handy feature to have if you’re trying to converse with friends on the go.

But is it secure?

As it turns out, based on our testing, anyone can use the Reply To address, from any e-mail account.

Of course, the notification links are only sent to the account holder’s primary e-mail, but we all know just how often e-mail accounts are phished/hacked, right?

Try it yourself. Send an e-mail message to this address, include a subject message, and you’ll see the results, posted in Matti’s name, here.

Coming soon to a comment near you — EMAIL REPLY SPAM.

Also, read more at AllFacebook.com here:

The problem is, that email notification address is accessible by anyone. Meaning that if someone were to find that email somehow, they could respond on this thread, regardless of whether they’re your Facebook friend. Unfortunately for Facebook, it’s relatively difficult to control this security vulnerability.
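To make the flaw described in both quotes concrete, here is an added sketch (not from F-Secure, AllFacebook, or Facebook's code) of a reply-by-email handler that trusts the reply address alone, next to one that also checks the sender. The token table, host names, addresses and the assumption that the receiving mail server stamps its own `Authentication-Results` header and strips inbound copies are all hypothetical.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed data: reply token -> (thread, account, that account's primary e-mail)
TOKENS = {"c+2abc123": ("status-42", "matti", "matti@example.org")}
TRUSTED_AUTHSERV = "mx.social.example"  # hypothetical id of our own receiving MTA

def token_of(msg):
    local = parseaddr(msg.get("To", ""))[1].split("@")[0]
    return TOKENS.get(local)

def naive_accept(msg):
    """Behaviour the quotes describe: the reply address alone authorises the comment."""
    return token_of(msg) is not None

def dmarc_passed(msg):
    # Trust only results stamped by our own MTA (assumed to strip inbound copies).
    for hdr in msg.get_all("Authentication-Results", []):
        parts = [p.strip() for p in hdr.split(";")]
        if parts[0] == TRUSTED_AUTHSERV and any(p.startswith("dmarc=pass") for p in parts[1:]):
            return True
    return False

def hardened_accept(msg):
    """Also require the From address to be the account's primary e-mail, authenticated."""
    entry = token_of(msg)
    if entry is None:
        return False
    sender = parseaddr(msg.get("From", ""))[1].lower()
    return sender == entry[2] and dmarc_passed(msg)

def make(sender, auth):
    # Builds a constructed sample message addressed to the reply token.
    return message_from_string(
        f"From: {sender}\nTo: c+2abc123@reply.social.example\n"
        f"Authentication-Results: {TRUSTED_AUTHSERV}; {auth}\n"
        "Subject: hi\n\ncomment body\n")

OWNER = make("Matti <matti@example.org>", "dmarc=pass header.from=example.org")
STRANGER = make("someone@elsewhere.example", "dmarc=pass header.from=elsewhere.example")
SPOOFED = make("matti@example.org", "dmarc=fail header.from=example.org")

if __name__ == "__main__":
    for name, m in (("owner", OWNER), ("stranger", STRANGER), ("spoofed", SPOOFED)):
        print(f"{name:9} naive={naive_accept(m)} hardened={hardened_accept(m)}")
```

The sender check does not help once the account holder's mailbox itself is compromised, which is the case the F-Secure quote raises.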

So as more and more of you become comfortable with the wonder that is Facebook, realize that every good thing has people looking to take advantage of it – stay diligent and remember to keep good security practices!
