Osama Shoot down video scam spreads on Facebook

Filed Under: Facebook, Social networks, Spam

Facebook users are being tempted to click on links to what purports to be a video of Osama bin Laden being shot, in the latest in a series of scams exploiting the hot news story of the Al Qaeda leader's death.

The messages appear as follows:

Osama shoot down video

Watch the Osama Shoot down video

Osama Dead - Censored Video Leaked
on.fb.me
Osama is dead, watch this exclusive CNN video which was censored by Obama Administration due to level of violence, a must watch. Leaked by Wikileaks.

Clicking on the link, however, will not instantly show you some sensational footage of US Navy Seals attacking Osama bin Laden's compound in Pakistan.

Instead, you're told you will have to take an online survey.

Osama shoot down video scam

That should be enough to set your alarm bells ringing - as survey scams are a continuing problem on Facebook, earning scammers commission with every survey they manage to trick users into completing.

What's most interesting about this scam is that they trick you into cutting-and-pasting a line of JavaScript into your web browser's address bar.

Not that you'll realise that you're doing that, of course. As far as you know all you're doing is following a sequence of instructions and keyboard presses before you watch the video.

Osama shoot down video scam

But any time you paste a script into your browser's address bar, you're effectively running code written by the scammers without the safety net of protection.

Script

Before you know it, you'll be sharing the news of the "Osama Shoot down video" with all of your Facebook friends, and the scam will be spreading virally.

My guess is that you don't want to make it so easy for the scammers to run their scripts on your browser - so don't fall for scams like this.

Be very careful not to be fooled by scams related to Osama bin Laden's death, not just on Facebook but on other parts of the internet too. Such a big news story always seems to attract the interest of fraudsters and malware authors.

If you want to keep up-to-date on the latest scams, and are a member of Facebook, don't forget to join the Sophos Facebook page to keep informed about the latest security news.

, , ,

You might like

21 Responses to Osama Shoot down video scam spreads on Facebook

  1. jax · 1217 days ago

    This has come up on my Facebook and I don't seem to be able to remove it from the newsfeed

    • danishctc · 1216 days ago

      You cannot remove it if its not your post, you can hide it though. Click on the x at the extreme right of the post.

      • Myz · 1216 days ago

        yes you can, report it as spam and it removes it.

        • Sheila · 1216 days ago

          I've been reporting them as spam too.

        • Ranae · 1216 days ago

          Thank you for sharing this. I got one from a friend, and was able to report as spam and it was deleted. Appreciate your input!

  2. simon · 1217 days ago

    This is a fine example why browsers should not, by default, allow javascript: links to be entered into the address bar. Useful for web developers but a security concern for normal users.

  3. wpj · 1217 days ago

    Thank you whoever created this.

    Hopefully it will help Facebook to realise that they need to do something about these spam pages, and fix their site in general.

    Me and friends find that statuses and comments disappear randomly.

    Get your lazy-arse coders to do something about it. You are the biggest social networking site in the world.

  4. anish · 1217 days ago

    Yea I do agree with you, I always report to FB but they never seem to take action. The other scams are like Facebook profile viewer and all

  5. Zayn · 1217 days ago

    AS long as DUmb people live in this world ...hackers ..wait a sec .. just a normal kindergarten maths teacher can start fooling ....
    i just dont understand , the reason they spreading the news?? .. i dont find any malware uploading in the java script and neither does any injection process to get the info of the user (i may be wrong , but still my guess)

    can any1 get me some answers .. i am just curious

  6. desmo · 1217 days ago

    my FB is whacked with all these post's and people trying to message me the link..I report every time. but it seems to keep going.

  7. mark · 1217 days ago

    so is there a real video or never was?

  8. Rosy74 · 1217 days ago

    I reported the page. It seems to have disappeared

  9. callum · 1217 days ago

    i read this page and though holy crap how can they do this, a stupid bunch of hackers then i realised i was on the internet

  10. mymulticast · 1216 days ago

    From an enduser point of view non of us are protected - social sites are becoming a place where cyber hackers are now taking advantage

  11. Jeremy · 1216 days ago

    Even if one disappears a new one pops up instantly. I think they are using bit.ly systems that allow you to change the link. Therefore when one page gets deleted they just change the masking url.

  12. Is there any way to force a browser not to accept javascript link from address bar. I use firefox.

  13. XsomX · 1216 days ago

    Ufff! Thx God I don't click this!

  14. CPARiches · 1216 days ago

    Scammers? Hackers? Wtf?

    What was the scam? Who got hacked?

    This is called a Cost Per Action commission, which makes someone money by gathering information on who performs what action.. I fail to see how the end user is scammed. Did it cost you anything?

    How about hacked... Did your password get stolen?

    Simply amazing how ignorance spreads misinformation.

  15. Julz · 1216 days ago

    So what happens if you have clicked on it and answered the survey

  16. Renee L Azzopardi · 1216 days ago

    Thanks for letting me, know as I just heard from my friends that I had sent it to their wall and offended, someone. In actual fact, IT WAS NOT ME...:( Thanks for advising me...God bless xoxo

  17. Well i hate our local tv network in the Philippines they said it is a virus but i know it is a scam.......

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.