Girl who killed herself virus hoax spreads on Facebook.. but beware of scams

Filed Under: Facebook, Social networks, Spam, Video

Girl who killed herself virus hoax spreads on Facebook.. but beware of scamsNOTE: This article is mostly about a hoax which spread on Facebook in August 2010, but there have been real scams spreading virally on the social network using the disguise of a message about a girl who killed herself after her father posted a message on her wall. If you've come to this page then chances are that you have encountered one of the genuine scams, like the version of the attack we have described here. And now back to the original article from August 2010..

Many Facebook users are spreading inaccurate messages on the social network, warning each other to beware a "virus" that claims a girl killed herself over a post her father made on her Facebook wall.

Girl who killed herself Facebook virus hoax

The text of the warning reads as follows:

WARNING:THERE IS A VIRUS GOING AROUND AGAIN, IF YOU SEE A GIRL WHO KILLED HERSELF OVER SOMETHING HER FATHER WROTE ON HER WALL DO NOT OPEN IT, IT IS A VIRUS AND IT WILL NOT ALLOW YOU TO DELETE IT, PLEASE PASS THIS ON BEFORE SOMEONE OPENS IT. (IT IS A SELF REPLICATING TROJAN

However, the alerts are not based on facts, and members of the public are unwittingly perpetuating a hoax in the belief that they are helping their online friends and family avoid a nasty virus infection.

Ironically, the warning about the hoax is spreading faster and wider, and is probably more of a nuisance, than any genuine infection.

For those who care about such things, viruses and Trojan horses are different types of malware - it's not possible to have a virus which is a Trojan horse. And by their very nature, Trojan horses cannot be self-replicating.

Furthermore, there's no such thing as malware that you can't remove so the claim that it "will not allow you to delete it" is nonsense too. I'm going to say this very simply: Please stop forwarding this hoax to your friends. Thanks. :)

Okay, now that's clear let's look a little more deeply into this story. What is the background to this virus hoax?

It turns out that things are rather complicated.

According to internet rumours, a girl called Emma killed herself on Christmas Eve 2008 after being bullied on Facebook. However, images which show the alleged conversation between the bully and victim show "Like" buttons even though it was not possible to say that you "liked" an online conversation on Facebook back in 2008.

Facebook Emma conversation

Rumours like this get a lot of people's attention - and it has been exploited by the bad guys in what is becoming a genuine problem on Facebook. Regular readers of this blog, and visitors to the Sophos Facebook page, will only too familiar with Facebook pages which trick you into "liking" and "sharing" a link with the offer of showing you salacious content of the "OMG!" or "Shocking!" variety.

There are a number of scam Facebook pages which claim to be about the alleged girl who killed herself because of a post made on the site (although some claim it was by her mother, not her father).

Facebook pages related to scam Visiting the pages takes you to the familiar scam where they trick you into "liking" and "sharing" the link.

Facebook scam page

And there are also links being shared online which show the picture of a young woman, alleged to have been the person who killed themselves after their father wrote on their Facebook wall.

WFT - This girl killed herself after what her dad wrote on her wall

However, the picture of the woman used on this webpage is actually that of former Greenwich University student Emma Jones.

24-year-old Miss Jones died in Abu Dhabi in November 2009 after drinking poisonous cleaning fluid, and there were claims that she was distressed and commited suicide after her ex-boyfriend had posted naked photos of her onto Facebook.

(Before you click on that link, let me advise you that there aren't any naked photos there. Sicko).

So, despite what this page promises - it's nothing to do with her father writing a message on her Facebook wall. I think it's pretty sick that cybercriminals are using the image of a dead woman in their attempts to spread their scam.

Worryingly, the Facebook page promoting this (and other) scam pages has over 583,000 fans - making it easy for them to advertise a new link and kick start a new campaign at any time.

Facebook page with 583,000 fans And it seems many people are all too willing to unwittingly help spread such links.

WFT - This girl killed herself after what her dad wrote on her wall

Undoubtedly some of these scams and rogue Facebook pages will have helped fuel the hoax that a virus is doing the rounds. You should be able to see by now that this is a tangled web of deceit and scams.

So, to make things simpler, here's the executive summary:

1. Stop spreading the hoax virus warning. It's nonsense. You're clogging up your friends' news feeds.

2. Stop "liking" and "sharing" pages unless you really do like them. There are many scammers on Facebook trying to trick you into sharing their links with the promise of showing you some exclusive pictures or a video.

3. If you're on Facebook you may want to join the Sophos Facebook page to stay up-to-date with the latest security news.

, , , ,

You might like

91 Responses to Girl who killed herself virus hoax spreads on Facebook.. but beware of scams

  1. maliha · 1457 days ago

    wht da hell z it abt????

    • .... · 1404 days ago

      Based on your lack of actual words in your 'comment' it is no surprise that you did not understand the text.

  2. Niki · 1456 days ago

    I SAW THAT TODAY!! AND I LOOKED IT UP ON GOOGLE AND CAME HERE. I'm no fool, I didnt click it. I told my friend tho

  3. CindyMJLOVE · 1455 days ago

    omg yeah i saw that sh*t going around..weird..that is just messed up as hell

  4. jamie · 1452 days ago

    well my friend and i fell for the bananna in the tail pipe with this one. Just too dang nosey for our own good.oh well.

  5. joel · 1450 days ago

    i did the same thing as niki 3 up

  6. barb · 1448 days ago

    nope i knew it was stinking of fish when i first saw the posting by someone else, and when i saw the access permission come up, i knew it was def B.S.... searching more outside of FB i have come here and a few other places to find a basic confirmation and then i sent these pages to the young teen girls that have started jumping on the wagon to have this one circulate.

  7. lora · 1447 days ago

    Well of course I was nosey and clicked THANK GOD FOR NORTON

    • molly · 1430 days ago

      same here! i knew it was prob fake but curiosity got the best of me! however thank god for the pop up saying do not click!

    • Unfortunately.. Curiousty is a hard thing to refuse.. But i am very wary of online threats.
      This may only be a little scam to get peoples attention and custom, But its these little scams that we need to be wary of, because one day, it will be a keylogger.. and then the hacker will have all the information ever needed to take every penny out of your bank account.

      So as annoying as this little scam is.. It shouldn't be taken lightly, as scammers are learning diffrent ways daily to get the information they want.
      I dont under NO circumstances shop online, Thats the only way to truely prevent online fraud.

    • guest · 1220 days ago

      If you are really using norton then I am sorry.

  8. tia · 1445 days ago

    I have to comment on this because it may not be true about not being able to delete it or Trojan replicating itself but it most def. is a virus attached to the post after you open it because I have it, NOW. So am I not supposed to let my friends know that it has a virus? Will people think that i'm spreading a hoax,? That is not fair to say that it is a hoax, Because I got the dang virus to show that it is real!!!!!!!!!!!!!!!!!!! If you open that messageit will give you a virus!!!!!!!!!!!!!!1

    • Hi Tia

      This article is specifically about a hoax that spread via Facebook - claiming that there was a virus on Facebook that could not be deleted, and that by simply clicking on a message you were infected by it. That's not true.

      The article then goes on to describe a *real* attack that we saw on Twitter in August 2010, where scammers tricked users into liking Facebook pages to spread a (bogus) message about a girl who killed herself. So, be sure to read our articles carefully!

      My suspicion is that you are seeing a *current* attack which has spread a lot on Facebook, using similar wording.

      You can read about one version of that "Girl killed herself" scam by visiting http://nakedsecurity.sophos.com/2010/09/24/girl-k...

      Of course, there's nothing to stop the scammers creating new versions, and outsmarting other Facebook users.

    • Benjamin · 1426 days ago

      yea i just learned that tonight and the only way to get rid of it was to log off and relog in and that took care of it . I posted a warning on it on face book and that needs to be taken off asap and that needs to be delt with accordingly by the facebook management.

    • Tiffany · 1405 days ago

      so glad I have a mac. offers a little more protection. sorry about your luck. stupid spammers!

  9. thanks · 1444 days ago

    great article, I was about to click it on facebook after seeing it on my friends profile, and before allowing the app on my page, I googled "girl killed herself after dad facebook" and your article popped up. Thanks!!! you just saved me from a hoax.

  10. Becca · 1443 days ago

    Same here; Lucky i look this up :D

  11. Derrek · 1440 days ago

    Thank you very much for confirming my suspicion

  12. carla · 1437 days ago

    i clicked on the site, and it told me to do a survey, so i thought that was strange and googled it and found out that it was a hoax, but i did click it site so could i have the vuris?? and what happen's if your p.c has it? thank you very much for this site! :)

  13. Yoshi · 1435 days ago

    I clicked on the window but it said to connect to facebook( f Connect ) and thats where i stopped so did i get the virus?! =/

  14. squeaky · 1435 days ago

    i saw this today and googled it im so happy i did not click on the ad.

  15. geoff · 1434 days ago

    wow you have a lot of time on your hands. i stopped reading this after about 10 seconds. the internet is full of stupid people. that won't change. ironically the only lesson here is "don't be stupid" unfortunately anyone able to abide by that doesn't need the advice to begin with.

  16. falcom · 1434 days ago

    i was half away thru it... when it asked me to complete sum survey i stopped but it auto posted it self on all my frnds wall i deleted from my wall but i cant delete wats on my frnds wall... now m worried abt them!!!

  17. OMG!!!that made me so pissed I didn't click on it but I did look it up on google that is B.S!!!

  18. cesyaya · 1428 days ago

    i already click that link.what should i do?

  19. Shashank · 1428 days ago

    i clicked it 7 now the post by Girl kills herself after her dad posted on her wall is not getting removed please tell me what to do now help me on FB?????????

    • lozzie · 1314 days ago

      i know, i have been getting those from people on chat, when they havnt even sent them , its from the link they clicked on. i have had over 15 of them sent to me. it is sad for someone to do that and messed up

  20. ViviM · 1428 days ago

    I clicked it but i didn't believe it was real because that is so dumb for a to commit suicide after her father posted something on her. My friend had the post, so i commented it but it just said that i liked it! I tried to unlike but then my computer froze!!!! And then when i saw that i needed to take a survey or download something i immediately knew it was a hoax!!!

    • Mikamuso · 863 days ago

      Simply because it's dumb to do, doesn't mean it doesn't happen. That's like saying that the Facebook mom didn't kill her kid for disturbing her Farmville time because it's dumb that she would do such a thing. Some people value their facebook and social status more than they do their life, and overall, I feel really sorry for them...

  21. Liry · 1427 days ago

    "Furthermore, there's no such thing as malware that you can't remove so the claim that it "will not allow you to delete it" is nonsense too."

    The vundo trojan cannot be removed from a computer without reinstalling the operating system. =)

    • Brian · 1385 days ago

      Vundo Trojan is easily removed without having to re-install the operatimg sysytem.

  22. skellywag · 1424 days ago

    guess i go lucky or just have a good setup with avg and spybot because i clicked on it and im still in the clear. fingers crossed!!!!!!!!!!!!!! i dont get it though, never understood the point of spreading a virus. dont they have anything better to do than piss people off by destroying there computers and costing them alot of money. i would like to bump into one of these fools someday :-)) !!!!!!!!!!!!

  23. Idiots, all of you.

    • Im sorry folks, "K" is right, If you have common sence, you would have made a U-turn after the "allow access" page, And if you let curiousity get the better of you.. well thats just stupid.

      • mikamuso · 863 days ago

        That is an extremely ignorant thing to say, considering curiousity is natural for all living beings. Especially in humans. Although I do agree that some common sense should have kicked in, saying that someone is stupid for letting curiousity get the better of them is just a highly ignorant statement to make.

  24. Marcella · 1422 days ago

    the world is full of freaks!!!!

  25. Stark · 1418 days ago

    Crap does this affect Macs in anyway? I clicked someone's link, and it lead me to a page but ask me to fill out a survey to view it and I didn't.

    • John · 1412 days ago

      Dude me too. Luckily i close it as soon as i open it because i scare if there will be an image of a ghost or something like that. Thanks for this post.

    • Yes, survey scams like this are platform independent. Work just as well on Macs as on Windows PCs.

      • kanya · 1412 days ago

        damn, I have also mac, and clicked on the link but stopped before the suvery view. it came on my facebook profile and i deleted it.. so does that mean i have virus on my mac?

        • No, it doesn't mean you have a virus on your Mac. But if you approved the application's request to access your profile then it will be able to post messages on your wall and scour your profile for information. You should revoke the application's permission, remove any references to it in your newsfeed and - if necessary - zap any pages that you "liked"d.

          • Beth Sowder · 1411 days ago

            Do we need to do a virus scan and change our facebook pass words?

            • Not because of this survey scam, no.

              The scam spreads on Facebook, it doesn't affect your actual computer. You need to clean-up your newsfeed, check that you haven't "liked" any pages connected with the scam, and revoke permissions of any third-party rogue applications.

        • He just said it wasnt a virus! Its just a nusance to try to get your personal information from entering it into forms

    • Lynn Pare · 1405 days ago

      Im telling all my friends on FB cauze i just found out about it from my friends wall. i told her to tell everyone not to open i cauze its a virus!!! Thanks glad i found this site :)

  26. Rene Felton · 1415 days ago

    thank you...hope my computer is ok...i did not follow it all the way

  27. Aiden · 1412 days ago

    How is it in any way a virus?...

  28. nasim · 1412 days ago

    I clicked it too!! and later I got rid of it from my face book but the problem is now I can not what online from mega video or any site, when I want to open the page a message pups up which says: in order to unlock the page you have to complete the survey and the only thing you can actually click on is the silly Duck Hunt game !!! Please tell me what to do????....
    it is just sick what they do....

  29. Lili · 1410 days ago

    Thank god I did open it but not from my computer, I was in my bed with my iPad, the iPad don't get viruses. Actually all Apples computers.

    • You're right to say that your iPad isn't infected, but then Windows and Mac computers don't get infected by this either.

      This scam spreads via the *Facebook* platform. In other words, it's OS-independent. Your Facebook profile could have been compromised by it. You should check your newsfeed and remove any references to it, zap any "Likes" that have been added to your profile, and revoke permissions of any rogue applications.

      On a side note, you're incorrect in saying that Apple computers don't catch malware. Read this: http://nakedsecurity.sophos.com/2010/11/24/apple-...

  30. Alex · 1410 days ago

    i came here right after the fact. lol. too bad the hoax got a friend i trust so figured it was legit and i wanted to see what could possibly be that bad to make you kill yourself over it. lol

  31. I most definitely KNEW it wasn't real when it claimed my friend wrote " I seriously started crying over this" My friend is the type to never admit he has any emotions but anger so I wrote back "Seriously? Water fell?" cause that's how he would describe it I know I was being stupid for even thinking this was possible now because I remember one of these about 2 months ago just then and how that was a hoax too.

  32. lalalana · 1409 days ago

    Its not even something anyone should kill themselves over anyways.

  33. I have a good question, and if this isnt approved I will surely know, How do they get screen shots of these pages with the friends requests, Doesnt that mean they have to be logging into these pages?

  34. stuble1 · 1408 days ago

    So many niave people on the internet who are click happy before investigating things that seem too unreal to be true.

  35. magi · 1408 days ago

    thank you

  36. Pedro · 1408 days ago

    So...How do this virus affect your Facebook account? You mention it is a hoax and people spread it by sharing with friends and bla bla bla...But What is the risk of this virus??? If it is just spam why do we have to be aware of it??? I think you are paranoid

    • Read the article once more, and you'll find I'm not paranoid.

      The article is about a virus hoax that spread. However, although there was a hoax there was also a scam which spread rapidly across Facebook (and actually continues to spread in various forms) which uses a similar disguise to the hoax, pretending to be about a girl who killed herself.

      It's not a computer virus, your computer won't be affected. But it does affect your Facebook profile and can be passed on to your Facebook friends. You can read more about it here http://nakedsecurity.sophos.com/2010/09/24/girl-k...

      In answer to your question "Why do we have to be aware if it's just spam?"

      Well, folks don't like spam. And they also don't like other profiting by spreading spam from their innocent Facebook accounts, and find it a nuisance that Facebook is becoming more and more swamped by this junk.

      You may be fine with it, but that doesn't make it okay to spread this nonsense on to other Facebook users. We should all be good internet citizens.

  37. cece · 1407 days ago

    Hey i was wondering does it affect your phone if you try to look at it but your phone wont let you cause i look on my friends page and i was like so do i have the virus on my phone its a samsung seek

  38. lauryn · 1407 days ago

    im glad i did look up this on google

  39. Technus · 1407 days ago

    lol, I'm not going to open anything that asks for my cell phone number, that's retarded. Good thing I looked this up first. You should always be cautious if something asks for your phone number or any personal information, I wouldn't pursue it at that point.

  40. Lynda · 1407 days ago

    I clicked the link when it came up on a friends page - because she is normally 'sensible' about what she posts ..I too stopped when it asked me to do a survey although I have to admit that I was worried a little earlier by how the 'click here' link was set up, but went on where angels fear to tread! all that happened was that it appeared a couple of times on my status .....no virus that I am aware of on my computer .... I think what may be meant by 'nat able to delete it' is referring to the fact that you cannot delete it from your status like you are able to if you put other comments up??? I tried to but couldnt

  41. ding dong · 1407 days ago

    ive seen this like 10 times already

  42. Thank God for this site!

  43. okay so i viewed this cuz im bored and tired and not thinking right and when i actually get to see this i knew it was a fake and went to google to make sure...i revoked its rights to post on my walls and to see my page and info...im running a virus scan so i am hoping i didn't get the trojon...im on vacation and not wanting to have to send my computer in..

  44. liz · 1406 days ago

    ugh I clicked it but it took forever to load so I came to google. -___-

  45. Maeve · 1406 days ago

    Out of curiosity, I googled it and damn I was right all along..

  46. xera · 1406 days ago

    lol i also googled and came here

  47. heybooboo · 1406 days ago

    it says up above that it is a hoax spreading the news that it is a virus doing the rounds, doesn't it?? so.... how I am reading this is that sum creative dumbo had to much time on their hands and came up with a way to ANNOY people and litter their facebook. Believe me my anti virus and my spyware have not picked up on a virus...

  48. jason · 1406 days ago

    Thank god I have a mac

  49. just me · 1405 days ago

    Isnt it sad that this has to happen. We are suppose to be adults arent we????

  50. Laura · 1405 days ago

    Gosh....I feel like a total idiot. I didn't see the one on the girl killing herself, but I did open the one on "harmless prank gone tragic!" I was actually in tears, and then a friend told me it was a scam. I was relieved being as I was so upset over this, but PISSED that some idiot was doing it for money!!! I went back and deleted the application and changed my password. I just hope that is all I need to do. I didn't realize all this stupid stuff was out there until now, and I WILL NOT OPEN ANYTHING LIKE THIS AGAIN!!! I didn't think you could get anything like this on facebook!

  51. trinity · 1405 days ago

    so if u dont LIKE it. it wont spread the virus

    • Some versions require you to "Like" a link, other versions require you to give a third-party application to access your Facebook profile.

      If you don't do either, you won't be affected and you won't spread the link to your friends.

  52. Danna Oooops · 1405 days ago

    I opened it up and Thank Heavens for Kaspersky Anti Virus Protection! My computer was saved from this Virus! 8-)

  53. freak egg · 1404 days ago

    I liked it, but I havn't got a virus or anything. After seeing this, I even checked my norton. Maybe I just got lucky?

  54. Terry · 1404 days ago

    How can so many of you people who supposedly read the article still think there is a virus involved???

    It's not a real virus , hence the word hoax in this particular article.

    A virus would be something screwy on your own computer.

    This situation is on Facebook own server/ computers computers, and only involves what you are allowing to be taken away from or added to/from your profiles and friend's profiles, etc.

    Your computer/phone is like a remote control for your stuff on FB. You click something on it at home, or from your phone, and you have changed the settings of the FB "script(s)" actively allowing or disallowing things to go on at FB.

    This is why when they explain problems on Fb, viruses, scams etc., they always refer ro something about the permissions and privacy settings for apps etc., on your FB account.

    If you don't understand still, maybe just watch the instructional videos they have here to walk you through cleaning up and securing your FB account.

    I hope I helped someone, this is distressing just reading all of the comments. : (

  55. bob · 1403 days ago

    Hmm virus or not don't people want to avoid opening it? Even if it isn't a virus, and you post that it is, and then people do not open it based on your "it's a virus" post then what is the harm? Isn't it better that they at least avoided this stupid thing?

  56. Syed Hasan Atizaz · 1403 days ago

    No doubt there are fools everywhere including internet.

  57. Rachel · 1402 days ago

    I knew that it was a scam when I saw that it was an app.
    Why would they make a news story into an app?

  58. Atlantis · 1370 days ago

    I've never fallen for these things, but did a search to find out if there were any viruses or trojans or other problems associated with the posts about a girl killing herself. I don't see the "virus hoax" post half as much as the one that promises pictures. I know the original is silly because it promises pictures if you 'like" it and "share" it - immediate clue there for the clueless. I know the virus hoax is silly because whoever started it doesn't give valid info but only lumps all possible calamities together.

    However, this isn't to say it is GOOD t click those links just because the post about them being viral links is rather uneducated.

    In fact, since people only have HUNDREDS and THOUSANDS of friends on Facebook for gaming purposes or SPAM purposes, clogging up the newsfeed is rather a moot point as well. I personally don't know anyone with more than a few dozen friends on facebook who isn't a Politician, a Gamer, a Spammer or a Pretender just wanting lots of fake friends.

    So, my question is this: If both are simply harmless hoaxes, as you claim, with no effect other than spamming newsfeeds,which are crammed full of millions of gaming posts already, why bother to gripe about them at all?

  59. latisha · 1127 days ago

    omg, so glad i didnt

  60. Gugu · 1031 days ago

    thanks guys. Googled the story b4 opening and got yo article. Saved me

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.