One fifth of Facebook users are exposed to malware contained in their news feeds, claim security researchers.
Security firm BitDefender said it had detected infections contained in the news feeds of around 20% of Facebook users.
By clicking on infected links in a news feed, users risk having viruses installed on their computer.
Facebook said it already had steps in place to identify and remove malware-containing links.
BitDefender arrived at its figures by analysing data from 14,000 Facebook users that had installed a security app, called safego, it makes for the social network site.
In the month since safego launched, it has analysed 17 million Facebook posts, said BitDefender.
The majority of infections were associated with apps written by independent developers, which promised enticements and rewards to trick users into installing the malware, BitDefender said.
These apps would then either install malware used for spying on users or to send messages containing adverts to the users' contacts.
Facebook has a thriving community of independent developers who have built apps for the social network.
The vast majority enable users to tweak their Facebook pages, adding widgets, games or extra functions, such as delivering daily horoscope predictions.
Facebook said it had processes and checks in place to guard against the risk of malware.
"Once we detect a phony message, we delete all instances of that message across the site," the site said in a statement.
Crooks have targeted social networks, such as Facebook and Twitter because of their vast number of users, said Rik Ferguson, a security researcher for anti-virus maker Trend Micro.
"Because social networks are based on a community of people you trust, they're an attractive target for malware writers," said Ferguson. "You're more likely to click on a link from someone you trust."