We're bombarded on an almost daily basis with news of new threats to our computer systems. The year 2006 started with a deluge of new viruses, according to the Commtouch Detection Center's presentation at the RSA Conference in February. And installing a good antivirus program and keeping it up to date isn't enough; other forms of attack—from spyware that infects individual computers to denial of service attacks that bring down whole networks—are on the rise, too.
But along with all the reports of real threats, the Internet spawns numerous hoaxes: messages that warn of threats that aren't real. The originators of these messages are sometimes just trying to be funny, but other times they instruct users to do things to protect against the fake threat that really will damage their data or render their computer unusable. Most people who pass on the hoaxes have good intentions, but forwarding copies of virus and attack warnings that haven't been confirmed can do more harm than good. Of course, a number of hoax messages out there promise all sorts of good things. Alas, when they sound too good to be true, they probably are.
Share this list with your users to help raise their awareness of the scams they may encounter. They'll be less likely to fall for a hoax and tie up your resources, and they may think twice before hitting that Forward button.
#1: Good Times: The mother of all virus hoaxes
This virus warning, in various forms, has been making its way around the Internet since at least the mid-1990s. It supposed originated on America Online, and the warnings claimed that it was far more dangerous than other well-known (and real) viruses of that time, such as Michelangelo and Stoned. Some of the warning messages claimed only that Good Times would "erase" your hard disk. Others really went overboard, claiming that it would physically destroy the disk so it could never used again and could even damage your computer's processor.
A virus can indeed cause all the files on your disk to be deleted or even destroy the partition information on a disk (a good example of this was the CIH virus). Viruses can also overwrite the flash BIOS on a computer, rendering it unusable. However, a virus can damage only software; it can't physically damage a computer's hardware.
#2: The FCC says...
Hoax warnings often give themselves away by trying too hard. They'll invoke the Federal Communications Commission (FCC) or some other government agency to make their warning sound credible. Others will make the warnings appear to come from Microsoft, Symantec, or some other large software company or include quotes from supposed "computer experts." Still others claim that the virus warning was reported on CBS News or by the New York Times or some other reputable media outlet. (Sometimes this is even true; news outlets have occasionally been fooled into repeating hoax warnings.) Many hoaxes also make the claim "checked out by Snopes" (a popular Internet site for verifying the status of urban legends and hoaxes) even when Snopes itself lists them as a hoax.
#3: Exploding the myth about exploding systems
Another clue that a warning is a hoax is that the claims of the virus's destructiveness are just too incredible. For example, the Death Ray Virus warning is still seen occasionally; it claims that a virus called Death Ray causes home computers to "explode in a hellish blast of glass fragments and flames" and that some specified number of people have already been injured and millions risk their lives every day when they sit down at their computers. The virus is also described as not containing the usual markers that enable it to be identified. And rather than explain exactly how the virus causes this explosion, the hoax says only that "it's an extremely complicated process."
#4: Beware the dreaded nth complexity infinite loop
Hoaxes also use technical-sounding jargon that is in fact meaningless. For instance, one variant of the Good Times hoax claimed that it destroyed the computer's processor by setting it to "an nth complexity infinite loop." Sounds impressive—and scary—except that there's no such thing. Hoax warnings count on the fact that most of their recipients are not tech experts and won't know the difference.
#5: Not-so-sweet cookies
Cookies are small text files that some Web sites place on your hard disk, containing information such as user IDs, shopping cart information, and configuration preferences, so that when you visit the site again it "recognizes" you. Many hoax warnings have appeared claiming that a particular site or Internet service puts a cookie on your hard disk that will allow anyone to read "any of the information on your drive." Hackers may be able to access and read the files on your system, but they don't do it through cookies. Cookies are created by the Web site; they contain only information you've entered or that concerns your activities on the site (or in some cases, across multiple Web sites). Besides, a cookie that contained all the information on your disk would be an incredibly large file. Cookies do pose a privacy issue, but they don't disseminate viruses or allow access to your entire hard disk.
#6: A taxing dilemma
As April 15th approaches each year, we see a variation of a hoax that warns you not to send your tax returns electronically because there is an attacker who is intercepting all tax return files and "changing the current account indicated by the victim to the virus author's account." This will supposedly cause your refund check to go to the virus writer. According to the IRS Web site, more than 68 million Americans filed their tax returns electronically in 2005.There is no evidence of any tax returns or refunds being intercepted via the Internet as described by the message.
#7: Don't delete that "virus"
A popular ploy of more malicious virus hoaxers is a message describing a dangerous virus and telling you to search your hard disk for certain files and then delete them to get rid of the virus. The catch is that if you delete the files they tell you to delete, you're actually deleting important system or application files and you'll cause your system or some software functions to become unusable or unstable. A relatively harmless example of this is the hoax message that warns Hotmail users that a virus is being spread by MSN Messenger and is not detectable by McAfee or Norton. It includes instructions to delete the file jdbgmgr.exe. In fact, this is a file used by Microsoft developers (the Microsoft Debugger for Java).
Other hoax messages have instructed recipients to delete essential Windows files, rendering their systems unbootable. Never follow virus removal instructions contained in e-mail messages. If a virus is real and can't be removed by antivirus software, the major AV vendor Web sites will contain instructions for manually removing it.
#8: No free money
Sci-fi writer Robert A. Heinlein coined the acronym TANSTAAFL (pronounced "tan-stawful"), which stands for "There Ain't No Such Thing As A Free Lunch." Keep it in mind when you get one of the hundreds of hoax messages boasting of giveaways. One of the most famous ones claims that if you forward the message to other people, Bill Gates, Disney, or some other famous person or company will somehow know how many times you forwarded it and send you money for doing so. Even if some generous soul actually wanted to do this, there is no way they would be able to track your mail and know how many times you forwarded the message.
Variations on this scam include claims that Miller Brewing is giving away free beer, that Abercrombie & Fitch is giving away free clothing, that Coca-Cola is giving away cases of coke, that Dell is giving away free computers, that Nokia is giving away free phones, and so on. In each case, to get your free prize you have to forward the message to a specified number of people (often as high as 25,000).
#9: Playing on your sympathy
Who can resist a request for help—especially when the person who needs help is a little kid? The same "dying child" scams have been floating around the Internet for years, but people still fall for them. They usually describe someone who has a fatal disease, has been the victim of a natural disaster or a terrible accident, or is otherwise in dire straits. Some of these scams ask you to send money; others ask you to send cards or e-mail messages. One variation claims to be from a child who is doing a school project to collect e-mail from as many states and countries as possible. Some, like the "free money" scams, ask you to forward the message to as many people as possible, claiming that some organization, such as the American Cancer Society or Microsoft, will donate money for each time the message is forwarded.
Some of these may start out as genuine situations, but they keep getting forwarded long after the person has died or the problem has been resolved.
#10: State of fear
A particularly obnoxious type of scam message warns you of some sort of physical danger that doesn't exist. These are often based on urban legends, such as the one that warns of people being abducted from bars and waking up the next morning with their kidneys missing, or the one that warns of a series of cases where victims heard a baby crying outside their door and opened it up, only to be attacked by a serial killer. These types of stories have been around since long before the Internet, but e-mail has given them new life.
A recent version claims that on a certain day, members of some street gang will have an initiation ritual in which prospective members must drive around at night with their headlights off and kill the first driver who flashes his/her lights to let them know.
These messages usually quote "police officials" or "FBI spokespersons" to lend credence to their claims.
Today's hoax may be tomorrow's reality
It would be irresponsible not to emphasize that virus writers, hackers, and attackers are coming up with something new literally every day. Some of the warnings that were hoaxes a few years ago have blossomed into real threats today. For instance, in the late 90s, there were messages going around the ‘Net warning that you could get a virus on your mobile phone. At the time, there were no viruses that infected mobile phones. But as phone technology has gotten more sophisticated and modern mobile phones run complex operating systems such as Windows Mobile and Symbian, they have become vulnerable to viruses. Another popular virus hoax in the early days of the Internet claimed you could infect your computer with a virus by simply reading an e-mail message. At that time, e-mail was plain text and you had to open an attachment to risk virus infection; with today's HTML messages, it is indeed possible for code embedded in the HTML to infect your computer.
It's even possible that some criminal may hear of some of the fear-mongering hoaxes and set out to commit copycat crimes. With your computer—and in the rest of your life—you should strive to strike a balance between cynicism and naivety, exercising caution but not believing everything you hear or read.
You can check out virus warnings you suspect of being hoaxes on the hoax pages maintained by Symantec, McAfee, and other AV vendors:
For non-virus messages, check with Snopes or Scambusters:
Debra Littlejohn Shinder, MCSE, MVP is a technology consultant, trainer, and writer who has authored a number of books on computer operating systems, networking, and security. Deb is a tech editor, developmental editor, and contributor to over 20 additional books on subjects such as the Windows 2000 and Windows 2003 MCSE exams, CompTIA Security+ exam, and TruSecure's ICSA certification.