interweb freedom

(formerly Stop Usage Based Billing)

When a warning is a hoax

Posted by Laurel L. Russwurm on February 9, 2012

I received this “URGENT” warning from someone I know to be both intelligent and trustworthy:

In the coming days, you should be aware.....Do not open any message with an attachment called: Invitation FACEBOOK, regardless of who sent it. It is a virus that opens an OlympIc torch that burns the whole hard disc C of your computer. This virus will be received from someone you had in your address book. That's why you should send this message to all your contacts. It is better to receive this email 25 times than to receive the virus and open it. If you receive an email called: Invitation FACEBOOK, though sent by a friend, do not open it and delete it immediately. It is the worst virus announced by CNN. A new virus has been discovered recently that has been classified by Microsoft as the most destructive virus ever. It is a Trojan Horse that asks you to install an adobe flash plug-in. Once you install it, it's all over. And there is no repair yet for this kind of virus. This virus simply destroys the Zero Sector of the Hard Disc, where the vital information of their function is saved. SNOPES SAYS THIS IS TRUE............http://www.snopes.com/computer/virus/y Dear Friends This message has just been sent to me . What next! Hope you are well. Love Jean

This warning scares me, not for what it says, but because it is a hoax.

The problem is that even though almost all of us use the Internet, it is still kind of like magic for most of us. Even for intelligent and trustworthy people. Which is why I have chosen to share the cautionary reply I wrote to my friend with you here.

Do you know this [name redacted]? Why does she have a different email address for sending email and receiving replies? It could be that her real email address is being “spoofed” here. Someone may have already stolen her email account or she herself could be a fake.

Anyone can say they are anyone online or in email.

This warning message is a hoax:

* Computer virus hoaxes became widespread as viruses themselves began to spread. A typical hoax is an email message warning recipients of a non-existent threat, usually quoting spurious authorities such as Microsoft and IBM. In most cases the payload is an exhortation to distribute the message to everyone in the recipient’s address book. Sometimes the hoax is more harmful, e.g., telling the recipient to seek a particular file (usually in a Microsoft Windows operating system); if the file is found, the computer is deemed to be infected unless it is deleted. In reality the file is one required by the operating system for correct functioning of the computer.

http://en.wikipedia.org/wiki/Hoax

Snopes logo showing the letter S as a gooseneck lamp shining light on the name with tag line: Rumour has it

People are often warned not to click on an email link, because it might send us somewhere completely different than we are lead to believe we are being sent. In this case, the link is perfectly safe, because it really does go to Snopes:  http://www.snopes.com/computer/virus/youtube.asp

If you want to check a link in an email, you can copy the link and paste it into your browser search bar. Or you can simply fire up DuckDuckGo and search for the place the link says it is sending you — in this cases Snopes. Snopes is a good place to check to discover if it is a scam or a hoax.

In this case, if you actually go to the Snopes link provided it actually tells you that this warning is a hoax. Originally the hoax linked to a real Snopes page for a real virus. But the virus is outdated, and no longer an issue. The hoax relies on the fact that people will be frightened into spreading fear and misinformation without checking.

Most hoaxes are “harmless” — if you discount wasted time and energy of vast numbers of people, wasted internet bandwidth (which can be quite expensive in Canada) and spreading misinformation.  But some of them tie into more nefarious schemes like identity theft or harvesting email addresses for spam.  When the “harmless” hoaxes have trained ordinary users to automatically pass on warnings we believe will help our friends, we are more likely to automatically forward the malicious scams that can wreak real havoc.

The hoaxers count on people not taking the time to check. But if a warning is warranted, it is worth checking to make sure it is real.

If you don’t have the time to check, then don’t pass on the warning.

Advertisements

2 Responses to “When a warning is a hoax”

  1. Here is the standard reply I’ send to people who send me hoaxes:

    Hi: This is a hoax. [include some information about that specific hoax] Below is some general information about virus hoax messages.

    I recommend that you send a copy of this e-mail to the person that sent the virus hoax message to you, as well as anyone to whom you’ve sent it yourself, so that everyone benefits by recognizing hoaxes and not having to wade through them in the future.

    Hoax virus messages are sent out frequently, so it’s not a good idea to pass them on. Instead, check with a real anti-virus vendor to verify that such a virus really exists, and then use your anti-virus software to disinfect and protect your computer.

    The signs of a hoax virus alert are:

    1) An authority is quoted that has nothing to do with virus or security alerts. Common authorities quoted in hoaxes are IBM, Microsoft and AOL. These companies never issue virus alerts. Anti-virus software vendors do that (Symantec, Network Associates, F- Secure, Sophos). Good independent sources for virus warnings are CERT http://www.cert.org and CIAC http://www.ciac.org/ciac/ , which sell no anti-virus software.

    2) The warning urges you to pass it on to all your friends.

    3) The warning is vague about details (“discovered recently” — when was that? What mechanisms does it use to do its damage?)

    4) The virus is claimed to do things no virus can do (damage hardware, destroy the Internet). Note that recent viruses can now do things that were previously thought impossible (eg. viruses can run their payload just by reading the mail message, or by just being downloaded — however, this is more due to security flaws in Windows and Outlook than newly discovered virus powers).

    5) LOTS OF UPPERCASE TO MAKE IT LOOK MORE URGENT and

    6) Lots of exclamation marks to show it really means what it
    says!!!!!!!!!

    If you don’t already have anti-virus software running you should get some right away. Make sure you keep your virus signature files up-to- date as well, or get anti-virus software that doesn’t depend on signature files.

    Hoax messages have been around a long time – who still remembers when AOL was considered an authoritative voice on the Internet?

    –Bob.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: