Wednesday, February 1, 2012

Evil Browser Plug-in Hides Behind "Policeman Gets Shot After Good Deed" Facebook Video Scam

FacebookFacebook users should beware of a new scam currently making rounds on the popular social networking site.

Like the majority of recent scams, the goal is to trick unsuspecting users into downloading a malicious browser plug-in.

Once installed, the plug-in will begin to drive all of your Facebook friends batty by repeatedly tagging them in Wall posts advertising the same scam. That’s in addition to monitoring your browsing activity, posting spam on your Facebook wall and redirecting you to random surveys in order to collect your personal data and/or earn the scammers a commission from their affiliates for each completed survey.

How the “Policeman Gets Shot After Good Deed” Video Scam Works

The scam lures victims in with a spam message sensationalizing a non-existent video that allegedly depicts an officer “doing a good deed” before being killed:

"Policeman Gets Shot After Good Deed" Scam Message

i prayer for this heros family hxxp://

[video] Police officer does good deed before he dies moments later.

Incredible video of a kind Policeman who does a kind deed but tragically gets killed! Exclusive footage!

Note that the numbers in the "" domain change often and numerous shortened URLs are used; however, the end result remains the same.

When you click the link, you will be taken to a spoofed Facebook page (at with a fake video embedded on it, claiming that you need to install an update to play the YouTube video.

 Fake Facebook Page saying "YouTube Player Update Needed"

If you click on the ‘Install’ button, you will be prompted to download and install a plug-in for Firefox (“youtube.xpi”) or Chrome (“youtube.crx”), depending on which browser you view the page in.

Dealing with the “Policeman Gets Shot After Good Deed” Video Scam

If you come across this scam, be sure that you:

  • Mark any posts you see advertising this scam as spam by clicking the ‘X’ at the top right corner of the message.

  • Avoid clicking on the scam link or downloading the bogus YouTube player “update” (aka malicious browser plug-in).

If you’ve already fallen for the scam:

  • Remove all wall posts related to the scam from your Facebook profile.

  • Uninstall the browser plug-in – instructions are here if you need them.

Photo Credit: MoneyBlogNewz

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+.

No comments:

Post a Comment