The hoax that cried VIRUS!

Are you turning hoaxes into manually driven e-mail worms? NIRAJ KAUSHIK explains how hoaxes can cause as much damage as a real virus itself and suggests a few tips to deal with them

Computer hoaxes have been in existence ever since the first virus was discovered. One can go as far as saying that hoaxes are the cottage industry for virus writers. Apparently, the popular belief is that anti-virus companies are the virus writers themselves! Nothing could be farther from the truth.

But truly, hoaxes, with their seemingly salutary warnings and their unreal promises of instant wealth and prosperity, often seem far more believable to users than legitimate warnings of an actual threat. And this is most disturbing. You’d know why if you have heard of the popular adage: Once bitten, twice shy. Once bitten by a hoax, forever choose to disregard a valid alert.

So a hoax, in simple terms, is a manually driven e-mail worm—and a crafty one at that. While a worm spreads through e-mail or copies itself over and over again, relying on the devised coding to achieve maximum reach, a hoax simply waits for the unsuspecting user to do its deed. And eventually, we all fall prey to it. So the hoax spreads in a matter of hours, clogging inboxes and servers. Its main purpose is to reach as many people as possible.

An important point often missed is that just as viruses cause damage, so do hoaxes. The damage is just harder to see because it takes the form of lost time and computer resources, and because it is usually spread among many victims. The few seconds it takes you to read one hoax message may not be very significant, but the value of the time spent by hundreds or thousands of people receiving the same hoax could be enormous. An organisation called Hoaxbusters illustrated this in a brief report entitled ‘The Risk and Costs of Hoaxes.’ According to the report, if everyone on the Internet were to receive one hoax message, spend one minute reading it, and then discard it, the cost would be over $41 million. And this figure doesn’t include any other costs, such as the added strain placed on the mail server.

Hoaxes can be divided into several major categories. Some may be associated with an actual Trojan Horse virus. This type of virus entices Internet users to download it by pretending to be something else, for example by claiming to be the latest anti-virus program or an update from a leading security vendor. Then, as soon as you execute the program, the virus is activated. More commonly, a pure hoax refers to a virus, which does not actually exist at all. Either deliberately or through a misunderstanding, someone spreads rumours that it does exist, which people take at face value. The rumours are normally spread by e-mail, with appeals to Internet users to tell all their friends and acquaintances about the ‘virus’, so that they can prevent their computers from being infected by it. In most cases, these hoaxes cause no damage, except to the reputation of the people who pass it on, who may be sincerely trying to help other users but end up making themselves look foolish. In some cases, however, hoaxes can lead naive users to damage their own computers! An example is the "SULFNBK.EXE hoax" or its relative, the "JDBGMGR.EXE hoax", which tell users to search for files with those names and delete them as viruses. The files in question are actually normal components of Windows.

So do you still think that hoaxes are harmless mails? Time management pundits have established that if on an average each person discards junk mail without reading it, we would save as much as 1 man hour everyday! Now that’s food for thought.

What’s more, a hoax leads to paranoia. Naivety in dealing with the first virus alert can make the person disregard valid warnings in the future. So a hoax then has all the characteristics of a slow ticking bomb waiting to explode.

So then why, even in blissful awareness, do we succumb to hoaxes? Do you forward a hoax as suggested in the mail for fear of God or then to win a condo in Miami? Or then will you forward it, thinking that you ‘might’ have a chance? It just ‘might’ be true. Despite your doubts, will you still go ahead and forward it so as not to incur the wrath of the heavens? But then, what can you do otherwise?

Here are a few tips...

• When you receive a mail, that you think sounds like a hoax, it probably is. Stop. Read. If it is a legitimate threat, trust your anti-virus vendor to provide you with the report first.
• Look for emphatic statements, the frequent use of UPPERCASE letters and multiple exclamation points!!!!!
• Check with your IT personnel.
• Do the others a favour. Check out the warning for authenticity, from the anti-virus site.
• When in doubt, delete!

If you receive a warning that seems suspicious in any way, check a website that monitors current hoaxes. Besides the leading anti-virus firms, there are also several organisations dedicated specifically to combating hoaxes. Examples of these are Hoaxbusters (hoaxbusters.ciac.org) and Vmyths.com (www.vmyths. com/hoax.cfm)

If you still need more reasons to refrain from forwarding a hoax, here’s one: No one is going to give you money for forwarding e-mail!

The author is Trend Micro India’s country manager. He can be contacted at niraj_kaushik@trendmicro.com