Articles
Writers

The Virus Threat


© Jeff Johnston

Lesson 4: Conclusion

Viruses are dangerous, you should know how to protect against them, however there is no reason to panic over viruses. The media tends to make viruses seem like they can destroy your computer at any time, this is not the case. You can maintain a relatively safe computer with a little bit of understanding and vigilance. Research any new viruses you hear about to make sure that the threat is real, if it is make sure your virus scanner is up to date.

Don't Panic

Not everything that can go wrong with a computer can be blamed on a virus, and not every virus that you hear about is real. In this lesson you will learn how to tell if a problem is viral or not, and how to spot a hoax.

Common problems mistakenly identified as viruses

Now that we have briefly covered what is a virus, it is time to discuss what is not a virus. Many things can go wrong with a computer which some try to blame on viruses, but most of the time it is not a virus that is the cause.

  • Hardware problems are rarely the result of viruses, there are no known viruses that can physically damage the hardware of your computer.
  • The computer booting up without display, issuing beep codes. This is most likely a hardware problem, and again viruses cannot cause hardware problems.
  • If you have two virus programs running they may register each other as a virus.
  • The label on a hard disk has changed. While a virus could change the label of a disk, this is not necessarily a sign of a virus.
  • While running scan disk your virus program reports virus like activity. Scan disk alters your disk and rewrites many files, this appears, to virus programs, very suspicious however it is not mean your scan disk program is infected.

What is a hoax

A hoax is a false virus-warning message sent out to scare people.

Why send out a hoax? To see how far it will go. Do you remember the childhood game broken telephone? You know, you whisper something in someone's ear, they whisper it in the next person's ear and it goes around a circle until it comes back to you, the message almost always changed, some people like to send out false warnings just to see if it will end up in their mailbox, and if so if it changed. It is a twisted game of broken telephone to these people. It is amazing the number of people who send virus warnings on to everyone in their mailbox just because someone heard that someone claimed that the next most dangerous virus has hit [insert name of well-known company].

How to detect a hoax

This is when a hoax uses a big, trusted name in order to lend authority to a hoax. If Joe Blow, who barely knows how to turn on a computer sent you a warning about a virus he heard about that deletes your hard drive without citing a source you probably would ignore it as spam. What if Joe Blow received a message from a high powered executive of Microsoft claiming that their network was down for 18 hours due to this new and deadly computer virus, what if it even appeared that it was the very letter Joe received forwarded to your mailbox? Would you still ignore it? Do you dare ignore it? The nearly irresistible urge to trust this message is called False Authority Syndrome. Hoaxers rely on False Authority Syndrome to perpetuate their messages, they know you won't be able to resist sending the message from the VP of Network Technology of Microsoft Inc. after all, what if it were true, wouldn't you rather send a few messages off to your friends just in case, that way they are prepared at least, right?

Hoaxes are not limited to virus hoaxes. There are other varieties as well. Some claim that you can earn money just by forwarding the email on to five of your friends thanks to a wonderful new email tracking system that Microsoft developed. Let's take a look at a few of the more common hoaxes and I will show you the main reasons that you can tell they are hoaxes:

Letters taken from Symantec's Hoaxes Page

Letter #1:

Netscape and AOL have recently merged to form the largest Internet Company in the world. In an effort to remain at pace with this giant, Microsoft has introduced a new email tracking system as a way to keep Internet Explorer as the most popular browser on the market. This email is a beta test of the new software and Microsoft has generously offered to compensate who participate in the testing process. For each person you send this email to, you will be given $5. For every person they give it to, you will be given an additional $3. For every person they send it to you will receive $1. Microsoft will tally all the emails produced under your name over a two Week period and then email you with more instructions. This beta test is only for Microsoft Windows users because the email tracking device that contacts Microsoft is embedded into the code of Windows 95 and 98. I know you guys hate forwards. But I started this a month ago because I Was very short on cash. A week ago I got an email from Microsoft asking me For my address. I gave it to them and yesterday I got a check the mail for $800. It really works. I wanted you to get a piece of the action. You won't regret it.

Ok the main tip off in this one is that the email tracking system they describe, even if it were possible (which by the way it is not), it would be a major breach of privacy laws. If Microsoft could track every email you sent, and who it was sent to, that would be like the post office keeping detailed records of everyone you sent mail too and everyone who mailed you. Even if it weren't illegal, even if it were technically possible, what would be the point?

Letter #2:

Warning on December 31, 1999 you may receive an email called, Happy New Year...do not open it, it contains a deadly virus...it will erase windows from your computer along with many other program files.Pass this on as soon as you can to get the WORD out!!!This is not a hoax....this was reported on CNN on Tuesday the 2nd November 1999!

Ok lots of hints in this one. "This is not a hoax", right, sure its not. Hoaxes love to claim they are not hoaxes, as if it gave them more credibility. "This was reported on CNN on Tuesday the 2nd November 1999!", CNN has a website, every story they report on is on the site, if this were a true warning why didn't the sender look up the link so that you would be able to read about it yourself.

Letter #3

Sample 1

Dear All,
For your reference, take necessary precautions. If you receive an email with a file called California, do not open the file. The file contains WOBBLER virus. WARNING This information was announced yesterday morning from IBM; AOL states that this is a very dangerous virus, much worse than "Melissa", and that there is NO remedy for it at this time. Some very sick individual has succeeded in using the reformat function from Norton Utilities causing it to completely erase all documents on the hard drive. It has been designed to work with Netscape Navigator and Microsoft Internet Explorer. It destroys Macintosh and IBM compatible computers. This is a new, very malicious virus and not many people know about it.


Sample 2

VIRUS ALERT If you receive an email with a file called "California" do not open the file. The file contains the virus. This information was announced yesterday morning by IBM. The report says that "this is a very dangerous virus, much worse than "Melissa" and there is NO remedy for it at this time. Some very sick individual has succeeded in using the reformat function from Norton Utilities causing it to completely erase all documents on the hard drive. It has been designed to work with Netscape Navigator and Microsoft Internet Explorer. It destroys Macintosh and IBM compatible computers. This is a new, very malicious virus and not many people know about it at this time. Please pass this warning to everyone in your address book and share it with all your online friends asap so that the destruction it can cause may be minimized.

Two versions of this one, one of them added a sense of urgency by claiming "This information was announced yesterday morning by IBM." Well that just clarifies that it is a hoax. IBM DOES NOT issue virus warning, they do not research viruses, nor does Microsoft, or any other major computer manufacturer nor even most software companies. Why would they? It is not their responsibility it's yours. In sample two they use one of my favorite pointers "Please pass this warning to everyone in your address book and share it with all your online friends ASAP…." This is a sure sign of a hoax, if the virus warning was legitimate that why not let it stand on its own merit, if it were bad enough wouldn't you pass on the story to your friends without having to be told to?

Letter #4

Hi,
This week, there is a new virus that terrorizes internet. The big virus fighters like Symantec and McAfee are yet to find a solution to clear this virus, even though it is known for months. They do have a name for this virus: HOAX-NL-MD-20010401. A solution is feverishly sought for to prevent total disaster on internet. Viruses like Kournikova and Iloveyou are child play compared to this virus.

The name of the file that causes the contamination is CLEANMGR.EXE
If you find this file on your system you should delete it!!!
It is an EXTREMELY DANGEROUS VIRUS!!!!!!!
After it is installed on your system, it is started on the 28th of the month and it will delete the registry and email important system data and passwords to certain news groups. Everyone reading these (changing) news groups can use your dial up data, actually your complete system is unusable thereafter. It should be reinstalled completely.

However, if you follow these steps the problem is solved:
1. Click START
2. Click SEARCH
3. Click FOR FILES OR FOLDERS
4. Type "CLEANMGR.EXE" in the name field and at "Look in" select MY COMPUTER
5. If you find the file, click it once and then click it with the right mouse button.
6. Select DELETE
7. Open the Recycle Bin or go to the Desktop
8. In the menu, select EMPTY RECYCLE BIN

If you execute these steps, you will certainly not be hit by this virus.

Also forward this message to everyone you know and keep an eye on the most important anti-virus sites constantly:
http://www.symantec.com

This message is one of the best hoaxes I have seen, if it wasn't for the fact that I recognized the file they are claiming needs to be deleted as a windows file I would be tempted to research it to see if it was indeed a legitimate warning. The hoax has a definite big clue in the message though, the name of the imaginary virus is "HOAX-NL-MD-20010401".

What to do about hoaxes:

If you know for a fact that a warning is a hoax then do absolutely, positively, nothing. Don't give them the pleasure, don't send a message to everyone who received the warning telling them do not send it on, and to send a message about the hoax to everyone who ever received it, you are just perpetuating the intent of the hoax. If you feel you must do something, send the person who sent you the warning a note saying that the message is a hoax, and not to send it on, inform them about hoaxes, or point them to this class so they can learn about real viruses themselves.

If a warning looks suspicious, but you don't know for sure, research it. Check out Symantec's Security Response page or Sophos virus info page or any other virus makers website, they all have a virus database that you can search to see if the virus is known. If the warning cites certain sources such as CNN check out the source, go to cnn.com and search for the story on the supposed virus. Or you can search hoax pages to see if the letter you received matches known hoaxes.

Computer Emergency Response Teams list of Hoax and chain letter databases:

  • Charles Hymes' Hoaxes

http://www.nonprofit.net/hoax

  • CIAC (Computer Incident Advisory Capability)

Internet Hoaxes--how to identify a new hoax or valid warning, what to do
http://hoaxbusters.ciac.org/HBHoaxInfo.html
Internet Chain Letters--how to recognize a new chain letter, what to do
http://hoaxbusters.ciac.org/HBHoaxInfo.html

  • Command Software - Virus Hoaxes

http://www.commandcom.com/virus/virus_hoaxes.html

  • Computer Virus Myths home page

Rob Rosenberger's links to computer virus myths, hoaxes, urban legends
http://www.kumite.com/myths/

  • Data Fellows - Hoax warnings

http://www.datafellows.com/virus-info/hoax/
http://www.europe.datafellows.com/virus-info/hoax/ [mirror]

  • IBM antivirus online - hype alerts!

http://www.av.ibm.com/BreakingNews/HypeAlert/

  • ICSA - Hoax Information

http://www.icsa.net/html/communities/antivirus/hoaxes/

  • iRiS Software's Virus Lab - Virus Hoaxes

http://www.irisav.com/lab/hoax.htm

  • McAfee - Virus Information Library - Virus Hoaxes

http://vil.mcafee.com/hoax.asp

  • Network Associates - Virus Library - Hoaxes

http://www.nai.com/asp_set/anti_virus/library/hoaxes.asp

  • Panda Software - Virus Encyclopedia - Hoaxes and Jokes

http://www.pandasoftware.com/library/hoax.htm

  • Sophos Virus info - hoaxes and scares

http://www.sophos.com/virusinfo/scares/

  • Symantec AntiVirus Research Center (SARC) - Virus Hoaxes

http://www.symantec.com/avcenter/hoax.html



1  2   Next Page

Print this Page Print this page



about us Limelight Blog freelance writing jobs careers press room Site Map Terms & Conditions Privacy Policy