We've received them in our emails, ICQ's, and heard about them from people in chat. We get them forwarded from friends who just want to help. Sometimes you get 4 or 5 of the same warnings a day. I'm sure you know what I'm talking about. Warnings about viruses that can wipe out your hard drive and destroy your computer.

Most of these warnings are about fake viruses, but how do you know what is a hoax and what isn't?


How to Identify a Hoax:

There are two things that make a successful virus hoax, they are:

(1) technical sounding language
(2) credibility by association

If the warning uses the proper technical jargon, most people tend to believe the warning is real. For example, the Good Times hoax says that "...if the program is not stopped, the computer's processor will be placed in an nth-complexity infinite binary loop which can severely damage the processor...".
The first time you read this, it sounds like it might be something real. With a little research, you find that there is no such thing as an nth-complexity infinite binary loop and that processors are designed to run loops for weeks at a time without damage.

If the email comes from someone important sounding like "President of Internet Computers Association" or something along those lines, you think "Gee, this person must be important he's the president of the company." Anyone can call themselves the president of a company!

Add the fact that the email was forwarded by a friend, and you have a hoax in the making.

Be especially alert if the warning urges you to pass it on to your friends. This should raise a red flag that the warning may be a hoax. Another flag to watch for is when the warning indicates that it is a Federal Communication Commission (FCC) warning. According to the FCC, they have not and never will disseminate warnings on viruses. It is not part of their job.

CIAC recommends that you DO NOT circulate virus warnings without first checking with an authoritative source. Authoritative sources are your computer system security administrator or a computer incident advisory team.

Real warnings about viruses and other network problems are issued by different response teams (CIAC, CERT, ASSIST, NASIRC, etc.) and are digitally signed by the sending team using PGP. If you download a warning from a teams web site or validate the PGP signature, you can usually be assured that the warning is real. Warnings without the name of the person sending the original notice, or warnings with names, addresses and phone numbers that do not actually exist are probably hoaxes.


True facts about email viruses

1. A virus like program can not spread in an e-mail message. While an infected program could be attached to an e-mail message, the e-mail message itself cannot contain one in any form that could be executed.

2. A virus or Trojan horse program can not infect a system by simply being read. The current mail readers do not execute an e-mail message, they display it on the screen for you to read. You must take care when downloading an attachment to an e-mail message. In some mail readers you can double click on the attachment icon to have it extracted and opened by whatever program created it. If that attachment is a program, it is downloaded and run, and running any program you have not scanned could cause you to be infected with a virus.

What all this means is you CAN NOT get a virus from reading an email.

BUT if you open an attachment in your email it would be possible to get a virus.

BEFORE forwarding that email virus warning along to all your friends, find out if it's really true!
Most anti-virus companies have a web page containing information about most known viruses and hoaxes. You can also call or check the web site of the company that produces the product that is supposed to contain the virus. Another useful web site is the Computer Virus Myths home page which contains descriptions of several known hoaxes.

Copyright © 1998-99 The F.U.N. Place. All rights reserved