[Previous Months][Date Index][Thread Index][Join - Register][Login]
[Message Prev][Message Next][Thread Prev][Thread Next]

[IP] Virus Warnings - Long

A few "virus warnings" have been popping up lately, so I wanted to pass
along some ~good advice~ that comes from the CIAC.org website.


"Users are requested to please not spread chain letters and hoaxes by 
sending copies to everyone you know. Sending a copy of a cute 
message to one or two friends is not a problem but sending an 
unconfirmed warning or plea to everyone you know with the request that 
they also send it to everyone they know simply adds to the clutter 
already filling our mailboxes. If you receive any of this kind of mail, 
please don't pass it to everyone you know, either delete it OR pass it to 
your computer security manager to validate. Validated warnings from 
the incident response teams and antivirus vendors have valid return 
addresses and are usually PGP signed with the organization's key. 
Alternately, you can and should get the warnings directly from the web 
pages of the organizations that put them out to insure that the 
information you have is valid and up-to-date."  

The Real Costs of a Hoax

"The cost and risk associated with hoaxes may not seem to be that 
high, and isn't when you consider the cost of handling one hoax on one 
machine. However, if you consider everyone that receives a hoax, that 
small cost gets multiplied into some pretty significant costs. For 
example, if everyone on the Internet were to receive one hoax message 
and spend one minute reading and discarding it, the cost would be 
something like: 50,000,000 people * 1/60 hour * $50/hour = $41.7 

"Probably the biggest risk for hoax messages is their ability to multiply. 
Most people send on the hoax messages to everyone in their address 
books but consider if they only sent them on to 10 people. The first 
person (the first generation) sends it to 10, each member of that group 
of 10 (the second generation) sends it to 10 others or 100 messages 
and so on.  By the sixth generation you have a million e-mail messages 
being processed by our mail servers. The capacity to handle these 
messages must be paid for by the users or, if it is not paid for, the mail 
servers slow down to a crawl or crash. Note that this example only 
forwards the message to 10 people at each generation while people who 
forward real hoax messages often send them to many times that 
number." "Recently, we have been hearing of spammers (bulk mailers of 
unsolicited mail) harvesting e-mail addresses from hoaxes and chain 
letters. After a few generations, many of these letters contain hundreds 
of good addresses, which is just what the spammers want. We have 
also heard rumors that spammers are deliberately starting hoaxes and 
chain letters to gather e-mail addresses (of course, that could be a 

"So all those people who were worried about the 'poor little girl dying of 
cancer'   <http://hoaxbusters.ciac.org/HBSympathy.shtml#girldying>     
find themselves not only laughed at for passing on a hoax but also the 
recipients of tons of spam mail."   

To Recognize A Hoax

"Probably the first thing you should notice about a warning is the 
request to "send this to everyone you know" or some variant of that 
statement. This should raise a red flag that the warning is probably a 
hoax. No real warning message from a credible source will tell you to 
send this to everyone you know. Next, look at what makes a successful 
hoax. There are two known factors that make a successful hoax, they 
are: (1) technical sounding language. (2) credibility by association. If the 
warning uses the proper technical jargon, most individuals, including 
technologically savvy individuals, tend to believe the warning is real. For 
example, the Good Times hoax says that "...if the program is not 
stopped, the computer's processor will be placed in an nth-complexity 
infinite binary loop which can severely damage the processor...". The 
first time you read this, it sounds like it might be something real. With a 
little research, you find that there is no such thing as an nth-complexity 
infinite binary loop and that processors are designed to run loops for 
weeks at a time without damage. When we say credibility by 
association we are referring to who sent the warning. If the janitor at a 
large technological organization sends a warning to someone outside of 
that organization, people on the outside tend to believe the warning 
because the company should know about those things. Even though the 
person sending the warning may not have a clue what he is talking 
about, the prestige of the company backs the warning, making it appear 
real. If a manager at the company sends the warning, the message is 
doubly backed by the company's and the manager's reputations. Both 
of these items make it very difficult to claim a warning is a hoax so you 
must do your homework to see if the claims are real and if the person 
sending out the warning is a real person and is someone who would 
know what they are talking about. You do need to be a little careful 
verifying the person as the apparent author may be a real person who 
has nothing to do with the hoax. If thousands of people start sending 
them mail asking if the message is real, that essentially constitutes an 
unintentional denial of service attack on that person. Check the person's 
web site or the person's company web site to see if the hoax has been 
responded to there."

"Check the page http://hoaxbusters.ciac.org/HBOtherHoaxPages.html  
to see if we have already declared the warning a hoax."     

George Lovelace
IP Admin
for HELP or to subscribe/unsubscribe, contact: HELP@insulin-pumpers.org
send a DONATION http://www.Insulin-Pumpers.org/donate.shtml