That being said, I'm going to relate to you, my top 5 Facebook security tips to help you learn some of these common sense techniques while employing that healthy dose of mild paranoia.
The point is, as long as there are hackers and identity thieves, there will be flaws in even the most promising security. Assume that nothing is secure.
As part of my student's assignment in my computer security courses, they are taught how to employ social engineering and have the assignment of just watching for signs that someone is using it. One student took those skills to a cell phone kiosk and while chatting casually with a woman about a cell phone she was using, gained information about her 4 digit pin code to lock her phone and that she used that number for everything including ATM machines. By the end of the conversation, he knew where she worked, her full name, and what she did for a living. He did all this by pretending he wanted to buy the phone she was holding in her hand! He was shocked not only by the fact that he was able to effortlessly get this information out of her, but that he, with little training was able to accomplish it.
Keep in mind that most hackers don't need complex scripts or tools to betray you. You give them the information freely every day. And if you have any doubt about that, think about how many times you hear people disclosing personal information while on their cell phones near you!
Many times, account hacks are not so easily detected. For example, a teen received a link from a friend in Facebook chat. The friend always sends various links to him via the chat. The sad news was that the link was to a malware site that totally destroyed his laptop. This situation leads me to Tip # 5 below.
As in the case of the teen given the link from Tip #4 above, the teen should always respond back to the friend before clicking the link. If the hacker is on the friends account, one of two things will happen. Either he/she won't respond back to the chat ping, or they will not be able to answer the question regarding the link properly.
Let me explain. Let's say that this teen and his friend normally share links having to do with monster trucks because they both love them. But they hate cross-overs and SUVs. The teen could have responded to the chat link with the following message, "Is this another video about that awesome Cadillac Escalade?" A hacker, not knowing that their being baited, will respond, "Yes!" Thinking that this should be the appropriate response. If the friend legitimately sent the link, then the friend will definitely ask you if you are a hacker on the account because his friend would never respond like that!
The point is, there is a way to test your friends using very intimate details about your relationship that only the two of you know and has not been publicly announced on your Facebook wall. Obviously, if this teen and his friends bash cross-overs or SUVs, then this example might not work. But I think you get the picture.
Remember, security is a process - not an endpoint.