We’re bombarded on an almost daily basis with news of new
threats to our computer systems. The year 2006 started with a deluge of new
viruses, according to the Commtouch Detection Center’s
presentation at the RSA Conference in February. And installing a good antivirus
program and keeping it up to date isn’t enough; other forms of attack–from
spyware that infects individual computers to denial of service attacks that
bring down whole networks–are on the rise, too.
But along with all the reports of real threats, the Internet
spawns numerous hoaxes: messages that warn of threats that aren’t real. The
originators of these messages are sometimes just trying to be funny, but other
times they instruct users to do things to protect against the fake threat that
really will damage their data or
render their computer unusable. Most people who pass on the hoaxes have good
intentions, but forwarding copies of virus and attack warnings that haven’t
been confirmed can do more harm than good. Of course, a number of hoax messages
out there promise all sorts of good things.
Alas, when they sound too good to be true, they probably are.
Share this list with your users to
help raise their awareness of the scams they may encounter. They’ll be less
likely to fall for a hoax and tie up your resources, and they may think twice
before hitting that Forward button.
#1: Good Times: The mother of all virus hoaxes
This virus warning, in various forms, has been making its
way around the Internet since at least the mid-1990s. It supposed originated on
America Online, and the warnings claimed that it was far more dangerous than other
well-known (and real) viruses of that time, such as Michelangelo and Stoned.
Some of the warning messages claimed only that Good Times would “erase” your
hard disk. Others really went overboard, claiming that it would physically
destroy the disk so it could never used again and could even damage your
A virus can indeed cause all the files on your disk to be deleted
or even destroy the partition information on a disk (a good example of this was
the CIH virus). Viruses can also overwrite the flash BIOS on a computer,
rendering it unusable. However, a virus can damage only software; it can’t
physically damage a computer’s hardware.
#2: The FCC says…
Hoax warnings often give themselves away by trying too hard.
They’ll invoke the Federal Communications Commission (FCC) or some other
government agency to make their warning sound credible. Others will make the
warnings appear to come from Microsoft, Symantec, or some other large software
company or include quotes from supposed “computer experts.” Still others claim
that the virus warning was reported on CBS News or by the New York Times or
some other reputable media outlet. (Sometimes this is even true; news outlets
have occasionally been fooled into repeating hoax warnings.) Many hoaxes also
make the claim “checked out by Snopes” (a popular Internet site for verifying
the status of urban legends and hoaxes) even when Snopes itself lists them as a
#3: Exploding the myth about exploding systems
Another clue that a warning is a hoax is that the claims of
the virus’s destructiveness are just too incredible. For example, the Death Ray
Virus warning is still seen occasionally; it claims that a virus called Death
Ray causes home computers to “explode in a hellish blast of glass fragments and
flames” and that some specified number of people have already been injured and
millions risk their lives every day when they sit down at their computers. The
virus is also described as not containing the usual markers that enable it to
be identified. And rather than explain exactly how the virus causes this
explosion, the hoax says only that “it’s an extremely complicated process.”
#4: Beware the dreaded nth complexity infinite loop
Hoaxes also use technical-sounding jargon that is in fact
meaningless. For instance, one variant of the Good Times hoax claimed that it
destroyed the computer’s processor by setting it to “an nth complexity infinite
loop.” Sounds impressive–and scary–except that there’s no such thing. Hoax
warnings count on the fact that most of their recipients are not tech experts
and won’t know the difference.
#5: Not-so-sweet cookies
Cookies are small text files that some Web sites place on your
hard disk, containing information such as user IDs, shopping cart information,
and configuration preferences, so that when you visit the site again it
“recognizes” you. Many hoax warnings have appeared claiming that a particular
site or Internet service puts a cookie on your hard disk that will allow anyone
to read “any of the information on your drive.” Hackers may be able to access
and read the files on your system, but they don’t do it through cookies.
Cookies are created by the Web site; they contain only information you’ve
entered or that concerns your activities on the site (or in some cases, across
multiple Web sites). Besides, a cookie that contained all the information on
your disk would be an incredibly large file. Cookies do pose a privacy issue,
but they don’t disseminate viruses or allow access to your entire hard disk.
#6: A taxing dilemma
As April 15th approaches each year, we see a
variation of a hoax that warns you not to send your tax returns electronically
because there is an attacker who is intercepting all tax return files and
“changing the current account indicated by the victim to the virus author’s
account.” This will supposedly cause your refund check to go to the virus
writer. According to the IRS Web site, more than 68 million Americans filed
their tax returns electronically in 2005.There is no evidence of any tax
returns or refunds being intercepted via the Internet as described by the
#7: Don’t delete that “virus”
A popular ploy of more malicious virus hoaxers is a message
describing a dangerous virus and telling you to search your hard disk for
certain files and then delete them to get rid of the virus. The catch is that
if you delete the files they tell you to delete, you’re actually deleting
important system or application files and you’ll cause your system or some
software functions to become unusable or unstable. A relatively harmless
example of this is the hoax message that warns Hotmail users that a virus is
being spread by MSN Messenger and is not detectable by McAfee or Norton. It
includes instructions to delete the file jdbgmgr.exe. In fact, this is a file
used by Microsoft developers (the Microsoft Debugger for Java).
Other hoax messages have instructed recipients to delete
essential Windows files, rendering their systems unbootable. Never follow virus
removal instructions contained in e-mail messages. If a virus is real and can’t
be removed by antivirus software, the major AV vendor Web sites will contain
instructions for manually removing it.
#8: No free money
Sci-fi writer Robert A. Heinlein coined the acronym
TANSTAAFL (pronounced “tan-stawful”), which stands for “There Ain’t No Such
Thing As A Free Lunch.” Keep it in mind when you get one of the hundreds of
hoax messages boasting of giveaways. One of the most famous ones claims that if
you forward the message to other people, Bill Gates, Disney, or some other
famous person or company will somehow know how many times you forwarded it and
send you money for doing so. Even if some generous soul actually wanted to do
this, there is no way they would be able to track your mail and know how many
times you forwarded the message.
Variations on this scam include claims that Miller Brewing
is giving away free beer, that Abercrombie & Fitch is giving away free
clothing, that Coca-Cola is giving away cases of coke, that Dell is giving away
free computers, that Nokia is giving away free phones, and so on. In each case,
to get your free prize you have to forward the message to a specified number of
people (often as high as 25,000).
#9: Playing on your sympathy
Who can resist a request for help–especially when the person
who needs help is a little kid? The same “dying child” scams have been floating
around the Internet for years, but people still fall for them. They usually
describe someone who has a fatal disease, has been the victim of a natural
disaster or a terrible accident, or is otherwise in dire straits. Some of these
scams ask you to send money; others ask you to send cards or e-mail messages.
One variation claims to be from a child who is doing a school project to
collect e-mail from as many states and countries as possible. Some, like the
“free money” scams, ask you to forward the message to as many people as
possible, claiming that some organization, such as the American Cancer Society
or Microsoft, will donate money for each time the message is forwarded.
Some of these may start out as genuine situations, but they
keep getting forwarded long after the person has died or the problem has been
#10: State of fear
A particularly obnoxious type of scam message warns you of
some sort of physical danger that doesn’t exist. These are often based on
urban legends, such as the one that warns of people being abducted from bars
and waking up the next morning with their kidneys missing, or the one that
warns of a series of cases where victims heard a baby crying outside their door
and opened it up, only to be attacked by a serial killer. These types of
stories have been around since long before the Internet, but e-mail has given
them new life.
A recent version claims that on a certain day, members of
some street gang will have an initiation ritual in which prospective members
must drive around at night with their headlights off and kill the first driver
who flashes his/her lights to let them know.
These messages usually quote “police officials” or “FBI
spokespersons” to lend credence to their claims.
Today’s hoax may be tomorrow’s reality
It would be irresponsible not to emphasize that virus
writers, hackers, and attackers are coming up with something new literally
every day. Some of the warnings that were hoaxes a few years ago have blossomed
into real threats today. For instance, in the late 90s, there were messages
going around the ‘Net warning that you could get a virus on your mobile phone.
At the time, there were no viruses that infected mobile phones. But as phone
technology has gotten more sophisticated and modern mobile phones run complex
operating systems such as Windows Mobile and Symbian, they have become
vulnerable to viruses. Another popular virus hoax in the early days of the
Internet claimed you could infect your computer with a virus by simply reading
an e-mail message. At that time, e-mail was plain text and you had to open an
attachment to risk virus infection; with today’s HTML messages, it is indeed
possible for code embedded in the HTML to infect your computer.
It’s even possible that some criminal may hear of some of
the fear-mongering hoaxes and set out to commit copycat crimes. With your
computer–and in the rest of your life–you should strive to strike a balance
between cynicism and naivety, exercising caution but not believing everything
you hear or read.
You can check out virus warnings you suspect of being hoaxes
on the hoax pages maintained by Symantec, McAfee, and other AV vendors:
For non-virus messages, check with Snopes