According to Marek Polesensky, a researcher with ESET, Win32/Yimfoca.AA has even ranked in his IT security firm's top ten security threats in many European countries, including Austria, Italy, the Czech Republic and Slovakia, over the last few weeks.
Polesensky reports that the Yimfoca worm uses Facebook chat to attack, while Fbphotofake is a social engineering worm which distributes itself and other malware through spam Facebook messages.
"Yimfoca serves as a backdoor that can be controlled remotely and can also spread through other instant messaging software like Skype, MSN or Yahoo Messenger" he said.
"Additionally, Yimfoca can also download and run other malicious software posted online - including fake anti-virus software, change security settings or deactivate the Windows firewall", he added.
The ESET malware researcher went on to say that the Fbphotofake worm mainly distributes Facebook spam.
As a result of this, he advises Facebook users to be very careful and not to open suspicious and unknown attachments, or click on dubious links.