Naked Security reader Sampath sent us a tip-off about the latest variation he had seen of a viral scam that poses as a video of the killing of Osama bin Laden:
OSAMA KILLING REAL VIDEO LEAKED
OMG! real video of Osama Bin Laden being killed. Video leaked by wikileaks. Watch it before it get deleted.
A link in the message may, at first glance, appear to point to the YouTube website but in fact points to a similar-looking Indian domain name ending in “.in”.
If you make the mistake of clicking on the link you are taken to a third-party webpage, which poses as a security verification check from YouTube.
Quite why anyone would imagine that typing in the words “real video” is any form of security verification is beyond me.
But what’s happening here is that when you submit the so-called CAPTCHA text you are unwittingly publishing the message to your own Facebook wall. This spreads the message virally to your Facebook friends, and helps spread the scam further on behalf of the bad guys.
The scammers make their money by tricking you into taking an online survey. They earn commission for each person they managed to complete it, and you might be the sort of person who is tempted to answer the questionnaire in the belief that you’ll get to see a video of the Osama bin Laden being killed.
Remember – the real YouTube would never ask you to complete an online survey before watching a video, and that scams like this are rife across Facebook. As long as Facebook users keep falling for scams like this, they’ll carry on being a problem.
At the time of writing this latest iteration of the Osama bin Laden Facebook scam appears to have been eradicated. But I wonder how long before a new variant arises?
If you use Facebook and want to learn more about spam, malware, scams and other threats, you should join the Sophos Facebook page where we have a thriving community of over 80,000 people.