| Introduction to Virus Hoaxes |
| Some people think it is funny to waste others' time and money by creating
virus
hoaxes. These are emails that appear to be legitimate virus alerts.
People send them on to their friends, and thus virus hoaxes traverse the
Internet at a rapid rate, just like real viruses. |
| How to recognise virus hoaxes |
Being discerning is the key to successfully recognising virus hoaxes.
It is just like discerning genuine currency from counterfeit: the important
thing to ask yourself is, "What does the genuine article look like?"
Here is a comparison between virus hoaxes and genuine virus alerts:
| Virus Hoaxes |
Genuine Virus Alerts |
| ... ask you to pass on the alert as you received it. This
is the number one distinguishing characteristic of Internet hoaxes. |
... ask you to see an authoritative source for information. |
| ... come from a friend. |
... come from a virus software vendor's mailing list or some other
recognised computing authority. |
| ... were originally anonymous. |
... include an email address or a URL pointing to their web site that
allows you to find more information. |
| ... state the threat in alarmist, exaggerated terms (e.g. "This virus
will destroy sector zero on your hard drive!") |
... state the threat in realistic, measured terms. |
| ... may state that there is no known cure for the virus. |
... provide instructions for removing the virus. All known viruses
can be detected and removed. (This is never likely to change.) |
| ... often claim to originate from well-known computer companies of
which many householders have heard, such as Microsoft and IBM. |
... originate from lesser-known companies that specialise in virus
detection and removal, such as Symantec (Norton), Network Associates (McAfee),
Sophos, etc., or independent computer security researchers. |
A real example:
http://www.symantec.com/avcenter/venc/data/sulfnbk.exe.warning.html |
A real example: http://www.symantec.com/avcenter/venc/data/w97m.marker.oa.html |
Not all of these observations will apply to every hoax, but most have
several of these characteristics. Every virus hoax will show at least
one of them (especially the first). Many of these characteristics
can also be extrapolated to non-virus-related hoaxes (e.g. common urban
myths). |
| What to do about virus hoaxes |
Here are some suggestions for what to do when you receive a virus alert:
-
Firstly, and most importantly, DO NOT SEND IT ON WITHOUT CAREFULLY INVESTIGATING.
If you received it from anyone other than your virus software vendor, more
than likely it is a hoax.
-
Look for the telltale signs of virus hoaxes (see above). If you find
them, you're 90% sure it's a hoax already.
-
Do 5 minutes of research to make sure that you're right. Start with
the links listed below.
-
Send a polite note back to your friend asking them to read some reputable
site(s) regarding the virus hoax, such as the links below.
-
Don't think, "It's better to be safe than sorry", and send it on to your
other friends anyway. Instead think, "If it really were a serious
problem, all my friends would likely have heard about it already."
-
Subscribe to your virus software vendor's virus alert mailing list, so
that you'll learn to recognise genuine alerts.
-
Delete the email and try to do something actually useful with your computer
(hard, i know :-).
|
| Links |
CA
guide to recognising virus hoaxes
http://www.symantec.com/avcenter/hoax.html
http://vil.mcafee.com/hoax.asp
http://hoaxbusters.ciac.org/HoaxBustersHome.html
http://www.public.usit.net/lesjones/goodtimes.html |
|