Has Lady Gaga really been found dead in a hotel room? A scam which has spread rapidly across Facebook would certainly like you to think so.
Heres's an example of a message that is being seen spreading virally on Facebook, posing as a link to a BBC TV News report.
BREAKING: Lady Gaga Found Dead in Hotel Room
This is the most awful day in US history
Wow. I mean, yes, it would be tragic if Lady Gaga were to die, but.. seriously.. "the most awful day in US history"?
Anyway, if you are tricked into clicking on the link you are taken ultimately (via a website which sloppily allows an open redirect) to a webpage that pretends to contain a BBC News video report:
Watch out, though, if you try to play the video as this is a clickjacking scam which attempts to silently say you "Like" the page when you click with your mouse.
Users who have installed a browser add-on such a NoScript for Firefox will see a message warning them of the peril of being clickjacked.
If you've been hit by a scam like this, remove the messages and likes from your Facebook page - and warn your friends not to click on the offending links. Clearly there's much more work which needs to be done by Facebook to prevent these sorts of messages spreading so rapidly.
If you're a Facebook user and want to keep up on the latest threats and security news I would recommend you join the Sophos Facebook page - where more than 150,000 people regularly discuss the latest attacks.
You could also do a lot worse than check out our best practices for better privacy and security on Facebook guide.
Follow @gcluley
Update: A very similar scam has spread across Facebook claiming that Lil Wayne, rather than Lady Gaga, has died. Messages in that campaign include:
BBC News: 2 Rappers Died, L1L Wayne Near Death in Car Crash [VIDE0]
and
BREAKING: Lil Wayne Nearly Dies In FATAL Car Crash! [VIDE0]
![Password security infomerical leaves Ellen DeGeneres in disbelief.. and it will you too [VIDEO]](http://sophosnews.files.wordpress.com/2013/04/ellen-thumb.jpg?w=75&h=75&crop=1)
![Can multiple moving cursors really hide your password from spyware and peepers? [VIDEO]](http://sophosnews.files.wordpress.com/2013/03/cursors-thumb.jpg?w=75&h=75&crop=1)
![Hacked TV channels broadcast zombie apocalypse emergency alert [VIDEO]](http://sophosnews.files.wordpress.com/2013/02/zombie-thumb.jpg?w=75&h=75&crop=1)
Phew !! I cried for a second ...
At first I thought that wait a minute, didn't she died and the media reported it? Had the media been duped again? Then I remember its Amy Winehouse not Gaga that died!
I must remember my celebrities!
Its simple to spot a click jack like this because BBC uses the iPlayer system and the video in that web page isnt iPlayer therefore Clickjacking/spam/scam easy to spot
if you click it what would happen???
Easy to spot for geeks like you,lots of "normal" people use Facebook these days too.
Pple should confirm any news before spreadin
F.Y.I.
Before you 'click' that link: if you 'mouse-over' the link in question, you should see the actual link URL appear at the bottom (lower-left for Internet Explorer) browser bar and it should match the identity of the link you think you will be clicking on. Or, right-click on the link and select 'Properties' then look at the 'Address:' (URL) listed, does it match the identity of the link you think you will be clicking on.