Recognize Internet hoaxes and viruses before the joke is on youby T. L. Aardsma
It's a sad state of affairs when each visit to your email inbox seems to bring with it more unsolicited messages than the day before. Even if you're using a junk mail filter with your email client, junk mail like spam, advertisements and chain letters can be painstaking to sift through. Worse yet, if you don't have a trained eye for recognizing the difference between email trash and treasures, your ignorance could get you and your computer into some trouble. Email attachments are a prime vehicle for propagating Internet hoaxes and malicious viruses. However, if you train yourself to be a skeptic, you can learn to research and recognize them long before they make a sucker out of you. In this article, we'll show you some patterns to watch out for as well as some online resources where you can verify your suspicions, as shown in Figure A.
You can quickly debunk urban legends and verify virus suspicions with help from online resources.
Something's rotten in the state of cyberspaceAs we mentioned, the key to exposing a potential virus or an Internet hoax is to become aware of the typical patterns that each has in common. Although viruses and tall tales come in all shapes and sizes, many share similar traits that can immediately raise a cautionary flag when read by an educated user. Our helpful hints will give you the edge you need to keep one step ahead of cyberspace ruffians.
You don't need to rely on instinct alone to validate a virus or debunk a hoax. All you need is a degree of caution and suspicion. With that, you'll be ready to visit one of the many virus and hoax information centers online, where you can find out once and for all whether the message or file you're unsure of is a true virus or hoax. We'll get you started by pointing you in the right direction.
However, if you're thinking that's the last step, think again. To help prevent more of the same unwanted junk mail from making its way to your inbox in the future, we'll show you how to share your findings with your friends and colleagues the right way. We'll also tell you when and why sharing isn't the best choice.
Smelling out a ratWhen training your suspicion, it's important to recognize the difference between a virus and a hoax. A virus is a program that, if executed, infects your computer by performing an undesirable action. Some viruses are harmless pranks, while others are designed to cripple your computer. You may be familiar with recent viruses like the SirCam worm, which automatically attaches itself to a random document on your computer and mails copies of the infected document to everyone in your email program's address book.
Hoaxes, on the other hand, also known as urban legends, are dubious warnings or stories that leverage our gullible natures in order to intimidate or even inspire us. While they don't necessarily infect your computer, they can infect your common sense by causing you to believe and propagate a false rumor. Some hoaxes that you might be familiar with include promises that Bill Gates, AOL or Disneyland will pay you thousands of dollars if you forward the message to others. Other hoaxes are, ironically, false virus warnings, instructing you to warn everyone you know of a virus that doesn't even exist. Still others include inspirational stories about fictitious people, warnings about hypodermic needles hidden in payphones and gas pumps, and calls to action suggesting product boycotts.
Now that we've provided you with a general idea of what constitutes the standard virus or hoax, we'll share some more specific features of each that can help you sniff out the rats in your inbox. Once you've internalized these main points, you'll begin to discover common traits among suspicious files and messages.
Spotting a virusWhen it comes to spotting potential viruses, the golden rule is to always use your anti-virus software to scan an unknown file before you download or open it. Fortunately, many Web-based email clients, such as Hotmail and Yahoo!, have made this a simple task by offering the ability to scan potentially harmful email attachments before you open them, as shown in Figure B.
This questionable attachment, sent by an unknown source, may contain a virus and should be scanned to determine whether it's safe to open.
However, even if you don't have anti-virus software, don't let viruses scare you out of your inbox. Although viruses are commonly propagated via email attachments, reading the email messages that contain them can't infect you. The virus is contained in the attached file and can only infect you if you open the attachment. By that token, it's important to be suspicious of absolutely every file attachment that makes its way to your inbox, even if it's been sent by someone you know. Remember, many viruses use your email program to send themselves automatically, so there's no guarantee that an attachment is safe unless you scan it with up-to-date anti-virus software first. Here are some additional points to keep in mind:
To help spot viruses that sport double extensions, configure Windows to display file extensions for known file types.
Spotting a hoaxInternet hoaxes and urban legends are, in most cases, significantly less dangerous than their virus counterparts. However, depending on their form, hoaxes can still be considered potentially harmful propaganda. So why do people bother goading the innocent with tall tales and pointless calls to action in the first place? Often, the composer simply wants to see how long it will take for the message to be forwarded to so many people that it eventually gets back to him (and how many suckers he can reach along the way). The problem is, during the process countless servers become clogged with copies of the meaningless message, and innocent readers are fooled into believing something that isn't true. Here's what you can do to help stop the cycle:
Checking with the expertsWhen you're suspicious of a potentially harmful email attachment or a dubious hoax, the next step is to check its validity. You can easily research viruses and hoaxes, as well as application exploits, online at the sites listed in Table A. Though we've divided these sites into separate categories, keep in mind that some of the sites we've listed include information about both viruses and hoaxes.
Table A: Virus, hoax and exploit information resources
To help you keep your virus and hoax detection instincts sharply honed, many of these sites offer newsletters that you can subscribe to for periodic updates on the latest outbreaks. In addition, since messages containing viruses or hoaxes can float around the Internet and from person to person for years, they can resurface at any time. To help you debunk even the most obscure viruses and hoaxes, most of these sites contain extensive archives that are fully searchable, enabling you to quickly pinpoint a virus or hoax simply by searching on the contents of the message you received.
Articles debunking or validating viruses or hoaxes are often highly detailed, since it's imperative that their researchers prove their own personal reliability. Most contain an example of the original message as well as details about its origin, as shown in Figure D. As a result, when you research a virus or hoax, you'll walk away armed with reliable information that you can use to combat future messages with similar traits. This brings us to the next step in the effective handling of viruses and hoaxes: After you've researched the message's validity, help break the cycle by sharing your findings with the friend or colleague who forwarded the message to you!
Virus information and Internet hoax articles usually detail the original message and then go on to prove or disprove the message's claim.
Spreading good adviceWhen a friend or colleague sends you a message that you've discovered is an urban legend or contains a virus, it's a responsible gesture to let them know about it. However, before we continue, we'd like to stress that you should only follow up with people who you already know. If you receive a message containing a virus or hoax from an unknown source, don't bother contacting the sender. There may be additional scams that person is looking for a chance to pull on you, such as validating your email address as a source open to further spam.
Viruses and hoaxes are most often forwarded by friends and colleagues who just don't know any better. One of the most effective ways to prevent these people from sending you additional suspicious messages is to educate them as you educate yourself. After you've researched a virus or hoax, kindly notify the sender of what you've learned and provide a link to that information. If you're uncomfortable composing such a message yourself, you may be more comfortable taking advantage of The Urban Legend Combat Kit at www.netsquirrel.com/combatkit. For more information, see the November 2000 article "Fight hoaxters with the Urban Legend Combat Kit." An informed netizen is a responsible netizen, and by sharing your new knowledge with others, you can work together to break the cycle of suspicious viruses and hoaxes.
Breaking the cycleBy sharpening your instincts and increasing your suspicion of mysterious email messages, you can prevent hackers and hoaxters from taking advantage of you. In addition, by sharing your knowledge and research with your friends and colleagues, you can help combat Internet ignorance. Don't forget that email attachments aren't the only place to catch a virus—you can unleash viruses on your system by downloading infected files from the Internet as well. Stay tuned for a future article about protecting your system from potentially dangerous Internet files.