Smelling A Hoax A Mile Away By Using A Little Common Sense
Posted by Coenraad De Beer on: 2006-09-10 18:00:13
Self SEO > Internet Security Articles
It is amazing how quickly the world knew in September 2001 that America was under attack, but years after discovering that a specific e-mail is a hoax, people still don’t know about it. The main problem for this is that people don’t really take the time and effort to inform others about the hoax and like I said, most of these e-mails come from friends and family and it is not always that easy telling these people that it is a hoax, some may feel embarrassed and react negatively to your information, others will simply not believe you. And it is because of these stumbling blocks that these e-mails make an appearance every now and then.
I will demonstrate how to identify a hoax by using a very common example, the Zero Sector Virus-hoax. This e-mail appeared years ago (it dates back to 2001) and are still in circulation, but only new variants of the original one. The text printed in italics is an extract from the e-mail. Below each extract is an explanation of the common signs of a hoax that appear in the extract.
“PLEASE FORWARD THIS WARNING AMONG ALL YOUR CONTACTS”
This e-mail is intended to inform the receiver about a virus, but the main focus of this e-mail is the spreading of it. Normally the subject of an important e-mail tells you a little bit about the contents of the e-mail, but the writer of this e-mail was more concerned about the distribution of this e-mail than the information contained within. So this heading should already flash some warning lights.
“Be alert during the next few days: Don't open any message with an attached file called "Invitation", regardless of who sent it.“
The first sentence says it all. The next few days are a bit vague. There are no specific dates specified, so the next few days can be any “next few days”. Hoaxes always have generalization in mind, so that the e-mail appears applicable at the time when you read it.
“It's a virus that opens an Olympic Torch that "burns" the whole hard disk of your computer.”
There is only one strange thing about this sentence. Notice the two spaces between the words ‘whole’ and ‘hard’. It is common among creators of hoaxes that they never give attention to style, grammar or punctuation when compiling e-mails like this. So when you get an e-mail like this with lots of grammatical errors and typos, you can be certain that it is some kind of hoax or scam.
“This virus will come from someone who has your e-mail address; that's why you should send this e-mail to all your contacts. It's better to receive this message 25 times than to receive the virus”
The first sentence is total rubbish. Of course an e-mail virus comes from someone who has your e-mail address, but it does not mean that you have the e-mail address of everyone who has yours. Hoaxes and scams thrive on circulation, if there is no circulation, there is no possibility of spreading. The fact that it is better to receive the message 25 times than to receive the virus holds some truth. Hoaxes are like chain letters, they keep coming back to you and never stop until everyone decide to break the chain. Again you will notice that the sentence does not end with a full stop.
“DON'T open it and shut down your computer immediately .. This is the worst virus announced by CNN, it's been classified by Microsoft as the most destructive virus ever."
This paragraph can easily be identified as a hoax by just confirming this on the websites of CNN and Microsoft. You will be surprised to find that there is no record of this on either CNN.com or Microsoft.com. McAfee mentions this e-mail, but they also classify it as a hoax. It is strange that no virus name is mentioned in this e-mail, all viruses get a descriptive name to help people identify it, so what does it matter what Microsoft says if you don’t even know what virus they are talking about? Shut down your computer. Why? It won’t even help to shut it down even if it was infected with a virus. Shutting down your computer does not make the virus go away. An e-mail and its contents is completely harmless as long as you don’t open it, so there is no need to shut down your computer when you see this e-mail, simply delete it. E-mails can do harm if you use a preview pane, but if you never use a preview pane, it is totally harmless until you open it.
“The virus was discovered by McAfee yesterday, and there's no repair yet for this particular virus. It simply destroys the Zero Sector of the Hard Disk, where vital information is kept.”
No company in this world will ever confess that they can’t fix a problem that is related to their field expertise. What confidence will you have in an anti-virus company if it only tells you about viruses but never fix them. Again notice the use of time. Yesterday can be any day. Anti-virus companies normally gives a specific date when they announce new viruses.
“Also:- Emails with pictures of Osama Bin-Laden hanged are being sent and the moment you open these emails your computer will crash and you will not be able to fix it! This e-mail is being distributed through countries around the globe, but mainly in the US and Israel. Don't be inconsiderate; send this warning to whomever you know. If you get an email along the lines of "Osama Bin Laden Captured" or "Osama Hanged" don't open the attachment.
SEND THIS E-MAIL TO EVERYONE YOU KNOW.”
There is not much to say about this paragraph. It is added only to make the e-mail look legitimate, by giving the reader more information to consume. The original virus destroys sector zero of your hard disk and now they mention your computer will crash. There are no details about what happens when your computer crashes and there is no consistency about the symptoms of the virus so you can only assume that they are referring to another virus in this paragraph. Again no virus name is mentioned and the tone of this paragraph is almost like “Oh and by the way…” or “I almost forgot…” which shows you that the writer of this e-mail only had distribution of the e-mail in mind and mumbled a bunch of nonsense just to make it look interesting and have you send it to all your contacts. The first and last sentence of the e-mail is proof of this.
One last thing to mention is the fact that you can’t find the name of party who created this e-mail. It is anonymous, but may fool the reader to believe that it comes from CNN, Microsoft or McAfee. Microsoft and CNN never announce security threats by e-mail and anti-virus companies only provide virus information to users who signed up for periodic e-mail announcements. These e-mails normally have the letterhead and logo of the specific anti-virus company.
People should be on the lookout for e-mails like this one and inform other about them, but most importantly, you need to break the chain! Keeping your silence about this will cause the problem of spam, hoaxes and scams to grow bigger and bigger. People may feel that some of these signs may not look that easy to identify, which is true, because you sometimes need some background information to be able to identify e-mails like this, but you should be able to identify other signs like the lack of specific dates and typos easily. You only need to use a little common sense.
Coenraad de Beer
Webmaster of Cyber Top Cops - The Cyber Security Specialists
Print this article Tell a friend