Facebook has been hit by another attack by hackers believed to be stealing personal details for committing fraud.
Affected users were tricked into logging in to a fake site controlled by hackers who harvested the login details.
The attacks are similar to other phishing attempts on the site in recent weeks in which accounts were compromised and used to target account holders' friends to lure then to the fake sites.
Facebook has blocked links to the phishing sites and reset accounts passwords, but has downplayed the attacks, claiming they affected less than 1% of users, according to the New York Times.
As the Facebook community grows it is attracting an increasing number of phishing attacks, but security experts have criticised the service for weaknesses in safeguards.
Facebook is seeking to address security weaknesses in part through stricter control of third-party applications.
Developers will soon have to submit their applications to Facebook to ensure they meet minimum security and transparency standards before they can be used by subscribers.
To help combat phishing, Facebook is urging members to check that they are not logging in to a fake site instead of the facebook.com domain and to be suspicious of all requests for login details.
Subscribers are also advised to use only browsers with anti-phishing features and use different login names and passwords for each online account.