interesting article about email hoax'es

Discussion in 'other security issues & news' started by Rita, Nov 18, 2004.

Thread Status:
Not open for further replies.
  1. Rita

    Rita Infrequent Poster

    Joined:
    Jun 28, 2004
    Posts:
    6,863
    Location:
    wilds of wv
    Is a user's risk proportionate to his words?
    A good friend of mine recently sent me an email regarding an alleged missing child, Penny Brown. When told the message was a hoax, she responded in an all too familiar fashion: "I thought it might be, but I sent it just in case." Likewise, I often receive email from readers who became infected after opening an email attachment. Their familiar refrain is, "I knew I probably shouldn't open it, but it came from my cousin/sister/friend." Paul Schmehl, Supervisor of Support Services at the University of Texas at Dallas, reports he often hears:
    "I know it used to be a hoax, but I was wondering if it still was."
    "I thought it might be bad, but I really wanted to see what it would do."
    "It was sent by xyz corp's system admin, so I figured it was genuine."
    "I didn't send that mail, so I couldn't be infected."
    Unfortunately, in these instances, words can hurt you - and often everyone in your address book as well.

    If you or someone you know has ever uttered one of these phrases, consider the following.
    Forwarding warnings just in case
    Hoaxes can be damaging and there are real costs involved. Ask anyone affected by the Sulfnbk.exe hoax, or a system administrator whose email server is constantly bogged down or who has to waste valuable time debunking the erroneous message. Before you send something just in case, take a moment to check its authenticity. David Emery, the About.com guide to Urban Legends, provides an exhaustive collection of common (and not so common) myths and urban legends. Bookmark the Urban Legends site and consult it the next time you receive an email warning of missing children, infectious blue envelopes, or any other such email. Virus warnings should also be checked for legitimacy. Bookmark the Hoax Encyclopedia and consult it before forwarding that dire admonition. Better yet, don't forward any such warnings even in the off chance you discover it is valid. Instead, send a link to the site confirming the information. That way, there's little chance of your propagating a hoax.

    It came from someone I know
    Just because an email attachment arrives from someone you know, it doesn't mean it is safe to open. In fact, any email attachment received unexpectedly should be viewed with suspicion. Unless you are absolutely certain it is not a file type capable of harboring a virus, delete it. If you must open it, save it to the drive first and scan it with updated antivirus software before opening. Better yet, use a program such as MailDefense to filter your email for you. That way, you know anything delivered to your inbox is safe to read and open.

    I wanted to see what it does
    Curiosity can be our own worst enemy at times like these. Remember Pandora and keep the lid on the box. There are many Virus Encyclopedias on the Web that will provide a step-by-step description of what the code does - without your ever becoming a victim.

    It said it was from xyz corporation
    There are hoaxes floating around that purport to be from a variety of organizations. Anyone can type a name into an email. Unless it came directly from that person - and not forwarded by a friend - don't believe it. Consult the Hoax Encyclopedia and Urban Legends site instead.

    I didn't send that email, so I can't be infected
    It's important to remember that if your system becomes infected with a virus, it won't ask permission to send itself to others. On the other hand, email worms often spoof the sender's name, and many alerts are erroneously sent to the spoofed sender as a result. Still, if you are getting emails from friends and relatives telling you a virus is being sent from your machine, it's worth checking your system. Update your virus protection and do a thorough system scan. If you don't have virus protection, check out the Top Antivirus section of this site for recommendations. Can't afford virus protection? Many vendors provide free online scanners which can provide a manual scan of your system. Trend Micro's Housecall excels in this area. Bear in mind that the warning may actually be the virus. If you receive an email from someone you know telling you there's a virus on your system and that email has an attachment that is a supposed fix to the problem, don't believe it. Delete the email and scan your system to be on the safe side.
     
  2. still_longhorn

    still_longhorn Registered Member

    Joined:
    Oct 3, 2004
    Posts:
    256
    Here is a low-tech solution to a high-tech problem. It will not prevent you from being infected but it will prevent you from infecting others as well as alert you to the problem....

    1. In your address book, create a name:"00000" (DO NOT PUT AN ADDRESS, NOT EVEN A FAKE ONE)
    2. Check if this is the first name in your Address book (It should be!)
    3. In the event you get infected and a worm tries to send itself to others, your system will alert you to its presence with a message "Address of 00000 not found!"
     
  3. Eldar

    Eldar Registered Member

    Joined:
    Jul 12, 2004
    Posts:
    2,126
    Location:
    Vilvoorde (Belgium)
    Thanks for the tip, but I simply don't need to do that. :)
    My email client doesn't use MAPI or the Windows Address book and of course my antivirus gives me and the others excellent protection.:cool:
     
  4. Rita

    Rita Infrequent Poster

    Joined:
    Jun 28, 2004
    Posts:
    6,863
    Location:
    wilds of wv
    Thanks for the info still longhorn,appreciate the tip.
     
  5. Peaches4U

    Peaches4U Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    5,070
    Location:
    At my computer
    Sorry LH - it's false - see here: http://www.snopes.com/computer/virus/quickfix.htm
     
  6. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,793
    Location:
    Texas
  7. Peaches4U

    Peaches4U Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    5,070
    Location:
    At my computer
    I learn from the very best here. ;)
     
  8. Rita

    Rita Infrequent Poster

    Joined:
    Jun 28, 2004
    Posts:
    6,863
    Location:
    wilds of wv
    Hi Peaches
    thanks for the link,glad your such a good investigator,i appreciate all the things you do :) and your help
    Rita
     
  9. MikeBCda

    MikeBCda Registered Member

    Joined:
    Jan 5, 2004
    Posts:
    1,627
    Location:
    southern Ont. Canada
    Thanks Peaches - I'd heard warnings several times that the all-zeroes "protection" didn't work, but it probably would have taken me a week to come up with an appropriate link.

    One thing I like about my Eudora is that it warns about anything outbound going to multiple addresses, even if you're doing it yourself deliberately.
     
  10. Peaches4U

    Peaches4U Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    5,070
    Location:
    At my computer
    Hi Mike - here is another site u might like to bookmark to check if a message is a hoax or not - http://www.truthorfiction.com/

    I have the two links I posted here bookmarked as some contacts I know send me a hoax at least once a week. grrrr!! They believe everything that is sent to them and then hit the forward button. :( I check it out, emaiedl the info. back to them and then they hit the forward button to notify their contacts in reverse. I tried real hard to educate these folks but to no avail. :rolleyes:
     
  11. fulmoonusers

    fulmoonusers Guest

    Imagine that! Longshorn was wrong about something or did he know that?
     
  12. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743
    Actually he fell victim to some of those sites and pages which live on and on with tricks and tweaks that just do not work..have no date attached to them and the author of those pages does not have the courtesy or the desire to change or retract them.

    And that brings us back to full circle on the subject of "Why Wilders" and what is this community all about? The Community is Dynamic. it is a place to go to get uptodate information..not with this Google thingie then lurk in the background dissecting what you may or may not find :D ..but rather to ask the question in the forum and get an accurate answer...because you know somewhere in the discussion the truth and help you need will come out.

    I used to have in my signature at this forum " Wilders plants the BEST seeds "

    I have no idea when or where Peaches4U learned that "fix" no longer works. I do know why and when it started (and ones similar for the WAB) during the period of time in the past when virus writing was not that sophisticated and it would give you an edge. But that too has become Dynamic. The willingness to then share puts it all into perspective. ;)

    Does not matter if Longhorn knew already it was bogus.. but rather now maybe he will not post it again..and the added bonus of this thread is others will read it and learn that it offers them no protection at all..and stick around Wilders and read some more..if they want to get serious about Securing their System or PC.

    The expertise of the whole Wilders community is in balance. Longhorn and others would be surprised not only at the cumulative knowledge..but also the caring involved..if he would just approach it all from a different direction.

    Thanks Peaches ;)
     
  13. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,793
    Location:
    Texas
    Primrose

    I put together a few sentences that describes Wilders for me.

    People from all over the world come to Wilders to learn, instruct, share, and socialize.

    The knowledge on this forum varies from beginner to MVP.

    Using watches as an example.

    Some of the people that come here can't tell you the difference between a quartz and a mechanical watch.

    Others know the difference between a quartz and mechanical watch.

    Some can tell you how a quartz watch works. Some can tell you how a mechanical watch works.

    Others can tell how you how to build either watch.

    Some can build either watch.

    Some can't build the watches but can tell you what materials to use to build the watch.

    Others know the metalurgy involved in the gears as well as how the jewels are made that extend the life of the wear points.

    Point: Something for everybody.

    Thanks again Peaches.
     
  14. Marja

    Marja Honestly, I'm not a bot!!

    Joined:
    Mar 8, 2004
    Posts:
    4,553
    Location:
    In the Vast Fields of My Mind
    And I know how to wind them just right - so they break! :)

    Thanks Peaches, Primrose and Ronjor, in three posts I can name that tune, it's a caring, sharing and understanding community, sometimes called a "Family"!
     
Loading...
Thread Status:
Not open for further replies.