s scott wrote:
> If you receive an e-mail titled "Win A Holiday" DO NOT open it. It will
> erase everything on your hard drive. Forward this letter out to as many
The message warning about the WIN A HOLIDAY "virus", while sounding
sincere & good-natured, is only an e-mail perpuated HOAX. See
http://ciac.llnl.gov/ciac/CIACHoaxes.html#holiday for more info, or read
on.
The basic truth is this: RUNNING or OPENING an ATTACHMENT to an email
might possibly infect your machine, simply READING an email message can
NOT. (Please ask your computer administrator if you have questions.)
Several of these hoaxes have been passed around the net, with 'Pen Pals'
and 'Good Times' as two of the biggest. With the internet, rumors are
passed via email faster than light. Remember the fax-based hoax a few
years back about gang initiations and people driving with their
headlights off? That was also another fast perpetuated urban legend.
It's caught a lot of people up; it's even made it to national television
at times as a 'real' danger of the internet.
How to Tell if a Virus Warning is a Hoax.
There are several methods to identify virus hoaxes, but first consider
what makes a successful hoax on the Internet. There are two known
factors that make a successful virus hoax, they are:
(1) technical sounding language, and
(2) credibility by association.
If the warning uses the proper technical jargon, most individuals,
including technologically savy individuals, tend to believe the warning
is real. For example, the Good Times hoax says that "...if the program is
not stopped, the computer's processor will be placed in an nth-complexity
infinite binary loop which can severely damage the processor...". The
first time you read this, it sounds like it might be something real.
With a little research, you find that there is no such thing as an
nth-complexity infinite binary loop and that processors are designed to
run loops for weeks at a time without damage.
When I say credibility by association I am referring to whom sent the
warning. If the janitor at a large technological organization sends a
warning to someone outside of that organization, people on the outside
tend to believe the warning because the company should know about those
things. Even though the person sending the warning may not have a clue
what he is talking about, the prestige of the company backs the warning,
making it appear real. If a manager at the company sends the warning,
the message is doubly backed by the company's and the manager's
reputations.
Individuals should also be especially alert if the warning urges you to
pass it on to your friends. This should raise a red flag that the
warning may be a hoax. Another flag to watch for is when the warning
indicates that it is a Federal Communication Commission (FCC) warning.
According to the FCC, they have not and never will disseminate warnings
on viruses. It is not part of their job.
CIAC recommends that you DO NOT circulate virus warnings without first
checking with an authoritative source. Authoritative sources are your
computer system security administrator or a computer incident advisory
team. Real warnings about viruses and other network problems are issued
by different response teams (CIAC, CERT, ASSIST, NASIRC, etc.) and are
digitally signed by the sending team using PGP. If you download a
warning from a teams web site or validate the PGP signature, you can
usually be assured that the warning is real. Warnings without the name
of the person sending the original notice, or warnings with names,
addresses and phone numbers that do not actually exist are probably
hoaxes.
What to Do When You Receive a Warning...
Call your local support person, first and foremost!!!!!
Upon receiving a warning, they should examine its PGP signature to see
that it is from a real response team or antivirus organization. To do
so, you will need a copy of the PGP software and the public signature of
the team that sent the message. The CIAC signature is available at the
CIAC home page: http://ciac.llnl.gov/ You can find the addresses of
other response teams by connecting to the FIRST web page at:
http://www.first.org. If there is no PGP signature, see if the warning
includes the name of the person submitting the original warning. Contact
that person to see if he/she really wrote the warning and if he/she
really touched the virus. If he/she is passing on a rumor or if the
address of the person does not exist or if there is any questions about
the authenticity or the warning, do not circulate it to others. Instead,
send the warning to your computer security manager or incident response
team and let them validate it. When in doubt, do not send it out to the
world. Your computer security managers and the incident response teams
teams have experts who try to stay current on viruses and their
warnings.
In addition, most anti-virus companies have a web page containing
information about most known viruses and hoaxes. You can also call or
check the web site of the company that produces the product that is
supposed to contain the virus. Checking the PKWARE site for the current
releases of PKZip would stop the circulation of the warning about PKZ300
since there is no released version 3 of PKZip. Another useful web site
is the "Computer Virus Myths home page" (http://www.kumite.com/myths/)
which contains descriptions of several known hoaxes. In most cases,
common sense would eliminate Internet hoaxes.
Also, you can check out http://ciac.llnl.gov/ciac/CIACHoaxes.html ,
which is a clearinghouse for virus hoax information.
-Dave
Dave Stragand
Ketchum Public Relations, Pittsburgh
begin:vcard
n:Stragand;Dave
tel;cell:412-298-1239
tel;fax:412-456-3900
tel;home:412-822-7385
tel;work:412-456-3839
x-mozilla-html:TRUE
url:http://www.ketchum.com/
org:Ketchum (Pittsburgh)
adr:;;6 PPG Place, #1111;Pittsburgh;PA;15222;USA
version:2.1
email;internet:dave.stragand@ketchum.com
title:Desktop Analyst
note:Also see my personal webite for 1955-61 Chrysler Corporation vehicles:
http://www.geocities.com/~forwardlook
x-mozilla-cpt:;17392
fn:Dave Stragand
end:vcard
|
|
Back to the Home of the Forward Look Network