Hoaxes

Have you ever gotten an email message like this?

BIGGGG TROUBLE !!!! DO NOT OPEN "WTC Survivor"
It is a virus that will erase your whole "C" drive. It will come to 
you in the form of an E-Mail from a familiar person. I repeat a friend sent it to me, but called and warned me before I opened it. He was not so lucky and now he can't even start his computer! Forward this to everyone in your address book. I would rather receive this 25 times than not at all. If you receive an email called "WTC Survivor" do not open it. Delete it right away! This virus removes all dynamic link libraries  (.dll files) from your computer.

Again,,,  I urge all of you to make sure your virius scanners are up to date daily!!!!!!
FG

Sounds very bad, doesn't it? My, what a horrible virus. It, and others like it, will eat your hard drive, destroy your email, infect every other machine on your network and listed in your address book, and even perhaps give you cookies and make your car break down!

This email and others like it are simply hoaxes? How do I know they are a hoax and not a real warning? Here's how it works. A virus propagates (reproduces) by automatically sending itself to all of the addresses in your address book. This is a fairly complex piece of code, requiring a little knowledge on the part of the person who created the virus.

Well, instead of writing code to propagate something, why not ask some gullible people to do it for you? That's what these hoaxes are all about - the "virus" is the email message and the delivery system is human being. 

Why will people do this? Sometimes it's just for a laugh, and sometimes it's for more insidious reasons. Someone could send out a message which claimed that any message from AOL contained a virus, for example, in an effort to make AOL look bad. 

Here is one of the first hoaxes known to have been sent out across the internet. It went out in 1988.

SUBJ: Really Nasty Virus
AREA: GENERAL (1)

I've just discovered probably the world's worst computer virus yet. I had just finished a late night session of BBS'ing and file treading when I exited Telix 3 and attempted to run pkxarc to unarc the software I had downloaded. Next thing I knew my hard disk was seeking all over and it was apparently writing random sectors. Thank god for strong coffee and a recent backup. Everything was back to normal, so I called the BBS again and downloaded a file. When I went to use ddir to list the directory, my hard disk was getting trashed again. I tried Procomm Plus TD and also PC Talk 3. Same results every time. Something was up so I hooked up to my test equipment and different modems (I do research and development for a local computer telecommunications company and have an in-house lab at my disposal). After another hour of corrupted hard drives I found what I think is the world's worst computer virus yet. The virus distributes itself on the modem sub- carrier present in all 2400 baud and up modems. The sub-carrier is used for ROM and register debugging purposes only, and otherwise serves no othr (sp) purpose. The virus sets a bit pattern in one of the internal modem registers, but it seemed to screw up the other registers on my USR. A modem that has been "infected" with this virus will then transmit the virus to other modems that use a subcarrier (I suppose those who use 300 and 1200 baud modems should be immune). The virus then attaches itself to all binary incoming data and infects the host computer's hard disk. The only way to get rid of this virus is to completely reset all the modem registers by hand, but I haven't found a way to vaccinate a modem against the virus, but there is the possibility of building a subcarrier filter. I am calling on a 1200 baud modem to enter this message, and have advised the sysops of the two other boards (names withheld). I don't know how this virus originated, but I'm sure it is the work of someone in the computer telecommunications field such as myself. Probably the best thing to do now is to stick to 1200 baud until we figure this thing out. Mike RoChenle

So what should you do if you receive a warning about some horrible virus? Generally, if these demand to be sent to everyone you know, it's a hoax. If you are unsure, then check out the following site:

Symantic Antivirus Research Center - http://www.sarc.com

Go to the search page and enter a few words from the message claiming to warn you about a horrible virus. Behold, you will now read about the hoax. In fact, here's the datasheet on the virus mentioned at the start of this article:

http://securityresponse.symantec.com/avcenter/venc/data
/wtc.survivor.hoax.html

In any event, hoax or not, it's a good idea to just file the email or delete it. Don't send it on to all of your friends. Don't do anything dramatic. These things only gain power when people give them power.

In other words, maintain your reason and don't give in to an emotional response which simply floods email inboxes with junk.

Additional Information

  • Backing Up Your stuff - Part 1 Backup may seem to be a pain, but it's one of the most important things that you can do to protect your system.
  • Backing up your system is an essential part of your security scheme Backups are extremely critical to keep your system secure. If your system is damaged by a virus or an intruder you have a way to recover. Remember, however, that you must think through and test your scheme. 
  • Products - Norton Antivirus You need antivirus protection for your computer. Norton Antivirus is by far and away the best solution for the desktop.
  • Products - ZoneAlarm Pro ZoneAlarm Pro is quite possibly the best firewall product for personal home use that currently exists. Highly recommended.
  • The Ultimate In Virus Protection Learn how to protect your computer and your hard work. Start with a backup plan, install antivirus software and subscribe to newsletters.
  • Viruses The most important thing you can do to protect your system is install a virus checker (also known as an anti-virus program). These programs will scan your system for viruses and Trojan horses and delete or repair them. There are several products including those by McAfee and Norton (Symantec).