Sophos Cloud Optix
Facebook users are being tempted to click on links to what purports to be a video of Osama bin Laden being shot, in the latest in a series of scams exploiting the hot news story of the Al Qaeda leader’s death.
The messages appear as follows:
Watch the Osama Shoot down video
Osama Dead - Censored Video Leaked
on.fb.me
Osama is dead, watch this exclusive CNN video which was censored by Obama Administration due to level of violence, a must watch. Leaked by Wikileaks.
Clicking on the link, however, will not instantly show you some sensational footage of US Navy Seals attacking Osama bin Laden’s compound in Pakistan.
Instead, you’re told you will have to take an online survey.
That should be enough to set your alarm bells ringing – as survey scams are a continuing problem on Facebook, earning scammers commission with every survey they manage to trick users into completing.
What’s most interesting about this scam is that they trick you into cutting-and-pasting a line of JavaScript into your web browser’s address bar.
Not that you’ll realise that you’re doing that, of course. As far as you know all you’re doing is following a sequence of instructions and keyboard presses before you watch the video.
But any time you paste a script into your browser’s address bar, you’re effectively running code written by the scammers without the safety net of protection.
Before you know it, you’ll be sharing the news of the “Osama Shoot down video” with all of your Facebook friends, and the scam will be spreading virally.
My guess is that you don’t want to make it so easy for the scammers to run their scripts on your browser – so don’t fall for scams like this.
Be very careful not to be fooled by scams related to Osama bin Laden’s death, not just on Facebook but on other parts of the internet too. Such a big news story always seems to attract the interest of fraudsters and malware authors.
If you want to keep up-to-date on the latest scams, and are a member of Facebook, don’t forget to join the Sophos Facebook page to keep informed about the latest security news.
This has come up on my Facebook and I don't seem to be able to remove it from the newsfeed
You cannot remove it if its not your post, you can hide it though. Click on the x at the extreme right of the post.
yes you can, report it as spam and it removes it.
I've been reporting them as spam too.
Thank you for sharing this. I got one from a friend, and was able to report as spam and it was deleted. Appreciate your input!
This is a fine example why browsers should not, by default, allow javascript: links to be entered into the address bar. Useful for web developers but a security concern for normal users.
Thank you whoever created this.
Hopefully it will help Facebook to realise that they need to do something about these spam pages, and fix their site in general.
Me and friends find that statuses and comments disappear randomly.
Get your lazy-arse coders to do something about it. You are the biggest social networking site in the world.
Yea I do agree with you, I always report to FB but they never seem to take action. The other scams are like Facebook profile viewer and all
AS long as DUmb people live in this world …hackers ..wait a sec .. just a normal kindergarten maths teacher can start fooling ….
i just dont understand , the reason they spreading the news?? .. i dont find any malware uploading in the java script and neither does any injection process to get the info of the user (i may be wrong , but still my guess)
can any1 get me some answers .. i am just curious
my FB is whacked with all these post's and people trying to message me the link..I report every time. but it seems to keep going.
so is there a real video or never was?
I reported the page. It seems to have disappeared
i read this page and though holy crap how can they do this, a stupid bunch of hackers then i realised i was on the internet
From an enduser point of view non of us are protected – social sites are becoming a place where cyber hackers are now taking advantage
Even if one disappears a new one pops up instantly. I think they are using bit.ly systems that allow you to change the link. Therefore when one page gets deleted they just change the masking url.
Is there any way to force a browser not to accept javascript link from address bar. I use firefox.
Ufff! Thx God I don't click this!
Scammers? Hackers? Wtf?
What was the scam? Who got hacked?
This is called a Cost Per Action commission, which makes someone money by gathering information on who performs what action.. I fail to see how the end user is scammed. Did it cost you anything?
How about hacked… Did your password get stolen?
Simply amazing how ignorance spreads misinformation.
So what happens if you have clicked on it and answered the survey
Thanks for letting me, know as I just heard from my friends that I had sent it to their wall and offended, someone. In actual fact, IT WAS NOT ME…:( Thanks for advising me…God bless xoxo
Well i hate our local tv network in the Philippines they said it is a virus but i know it is a scam…….