14 DAY TRIAL // A new Facebook scam claims that Lady Gaga was found dead in her hotel room in order to lure users to surveys and trick them into spamming their friends.
According to security researchers from Sophos, the spam messages spread by victims read: "BREAKING: Lady Gaga Found Dead in Hotel Room This is the most awful day in US history."
Clicking on the link takes users to an external page that spoofs the BBC News site and appears to contain an embedded video.
Clicking on the video in an attempt to start playing it will result in the click being hijacked and used to like the page and share the aforementioned message.
This is achieved through an attack technique known as clickjacking which abuses legit programming methods to hide and overlap buttons so that users are tricked about what action they are about to perform.
Following the clickjacking, users are asked to complete one of several surveys that earn scammers commission money and could result in significant costs to them.
Clickjacking techniques have long been used in Facebook scams. The company has even developed a mechanism to detect such attacks and prompt for additional confirmation, but so far this has been ineffective.
Scammers often profit from celebrity deaths. This has recently happened with Ryan Dunn and Amy Winehouse. However, occasionally they might launch fake death rumors like now.
"If you've been hit by a scam like this, remove the messages and likes from your Facebook page - and warn your friends not to click on the offending links," advises Graham Cluley, a senior technology consultant at Sophos.
"Clearly there's much more work which needs to be done by Facebook to prevent these sorts of messages spreading so rapidly," he concludes.