Warnings have been made about a multitude of social networking videos claiming to show late singer Amy Winehouse.
According to Sophos, at least five videos have been identified that claim to show footage of Winehouse hours before her death on Saturday afternoon. As with other persistent scams, users are lured into an online survey where the scammer earns a commission for each survey that victims complete. They also capture personal details and have access to a user's profile and repost the link on their wall.
Similar scams have been seen relating to 'Disney's Most Shocking Hidden Message' and the personal lives of tabloid favourites.
Graham Cluley, senior technology consultant at Sophos, said: “If you got hit by this scam, make sure you have removed the entries from your news feed (to stop them being shared amongst your friends), marking them as spam if you like and check your profile does not have any unwanted ‘Likes' under your ‘Likes and interests'.
Roger Thompson, VP of web threat research at AVG, said: “Whether we were fans or not is irrelevant. The salient point is that there is a group of greedy, covetous, rapacious, insatiable, avaricious, penurious, gluttonous vultures who eagerly await some misfortune, such as Amy or the cruel events in Norway.
“Within hours of these events, they flood Facebook with promises of prurient or sensational videos, but the real goal is to trick kids or teens into agreeing to a $10 a month charge to the cell phone bill. They assume they won't read the fine print.”
Malicious search results for dead celebrities are nothing new, with malware and malicious searches having lured victims following the deaths celebrities such as Michael Jackson, Patrick Swayze and Natasha Richardson.
Luis Corrons, technical director of PandaLabs, said: “Amy Winehouse's body was found last Saturday and the very same day the most detected malware URL was one that said (in Brazilian Portuguese) ‘English Police shows pictures of Amy Winehouse body'. The next day the very same URL was again the top detected, which shows how effective these techniques are.
“This Trojan is just another banking Trojan targeting Brazilian banks. Once executed it copies itself as ‘googlepad.exe' and modifies the HOSTS file, so when the users try to visit some of the targeted websites they will be redirected to a fake one where their credentials will be stolen. It does not only target financial companies, but also Hotmail users.”
Patrik Runald, senior manager of Websense Security Labs, said: “This Facebook scam is unfortunate, but a very real threat. Criminals know how to take advantage of disasters and the hottest news items to get people to click on infected links. Tragedy is just one type of news that the bad guys use to exploit, compromise and infect your computer. Videos are an especially popular lure, we saw the same thing when Osama bin Laden died.
“During times of crisis or breaking news, your best bet is to stick with the largest news organisations you trust. Avoid the potentially dangerous halls of search engines and social media sites, which are more susceptible to compromise and manipulation.”