In the latest scam, Australian Karina Wells received a message last Friday from one of her friends, Adrian, saying he was stranded in Nigeria and needed her to lend him $500 (£213) for a ticket home.
Wells said 'Adrian' wrote English well but used words such as "cell" instead of "mobile phone", which tipped her off that she was not talking to her friend.
The scammer asked Wells to transfer the money into a Western Union account.
Wells told The Sydney Morning Herald: "Naturally I was concerned as, to all intents and purposes, this seemed to be legitimate.
"I pretended that I would help, obtained all the details of where he was and forwarded them to both Facebook and the relevant authorities."
Experts believe the fraudster obtained her friend's login details through a password-stealing virus, spread through software known as 'malware'.
The fraudsters send a Facebook message from a friend with a subject such as "LOL. Private video with you. Funny".
Once the user opens the message they are encouraged to click on a video clip link that takes them to a bogus web page.
The user is then told to download a video player upgrade before they can view the footage. However, the apparent upgrade is the password-stealing virus.
When the victim next logs into Facebook, the malware message is sent to all of their friends.
A Facebook spokesman said: "Only a small percentage of users have been affected by recent spam attacks. We are updating our security systems."