The message body will apparently read something like this (with YOURFRIEND being replaced by the name of a friend of yours):
Twitter and have already lit up with terms related to the attack as well. A Facebook spokesperson said in an emailed statement, "We are aware of this phishing domain and have already begun to take action." For now, watch out for the fbaction.net domain.