Amazon.com: search for antivirus software

Public links to this specific article:
http://www.korova.com/virus/hoax20010725.htm
Also: this page, print-friendly

Got a question? Try
"The FAQ du Jour"

July 29, 2001     

Since The Early Days, the Internet has proliferated as an open bazaar of information, goods and services that -- at least, in theory -- is open to all, with little of the segregation and discrimination that is present in our physical world. Just in the years in which I've authored this humble little column on my own web site, e-commerce and online media have become commonplace. No one blinks at Web URLs on TV commercials, movie trailers, and magazine ads.

Unfortunately, along with the good comes the bad. "Black hats," or unethical elements, have proliferated on the 'Net. Scams and rip-offs abound. Junk faxes laden with con game bait translate beautifully to spam e-mail (e-j-mail).

Make no mistake, Internet scams are on the rise. According to the Consumer Sentinel site (a joint law enforcement database), 19% of last year's complaints related to online auctions, online merchandise sales, Internet services, or other computer-related fraud. Other, more conventional forms of con games continue to take in increasing numbers of victims via the Internet: work-at-home scams, credit card offers, international phone fraud, "Advance Fee Fraud" cons. According to the Internet Fraud Watch statistics for 2000, initial contact via direct e-mail ("the bait") is on the rise. Think everything you get in your e-mail is authentic and trustworthy? Think again!

Internet forwardables also bring horror stories and warnings of dangers lurking around every corner (real and exaggerated). Nothing new about that. But some of the chain e-mails that warn of possible crimes can get the facts wrong, rendering the warning futile. Remember "The Boy Who Cried Wolf?" We'll start with one of those as an example.

Loopy ATM Crime (2000, 2001)

Several versions of the following warning have circulated on the Internet since January, 2000. The locale keeps changing (Houston, Texas; Dublin, Ireland; Melbourne, Australia), to keep it fresh; or maybe it keeps it from seeming stale.

There is some kernel of truth to this tale, but not enough to place this in the "fact" bin. There are two kinds of "Lebanese Loop" tactics to steal ATM cards and the all-valuable PIN. But rather than memorizing all the specific con games that anonymous forwardables warn you of, why not just practice some basic street smart common sense? Shield your PIN from prying eyes, don't even think of using an ATM with someone standing nearby ready to "shoulder surf," don't use ATMs with suspicious signs or instructions to do things which seem out of the ordinary. This goes for any occasion when you have your wallet out: be aware of your surroundings and anything out of the ordinary, and don't hesitate to listen to your intuition. If you get a hunch that "something just ain't right," then you're probably correct.

Slavemaster (2000)

A year after initial appearances, women are still receiving this hysterical warning to avoid any online contact with "Slavemaster."

Despite the questionable narrative, there really was a "Slavemaster," but that doesn't let this forwardable off the hoax hook. There's no evidence that suspected "Slavemaster" John Edward Robinson (apprehended and charged in June, 2000 _{1, 2, 3, 4, 5}) killed as many as 56 women; how would any anonymous e-mail writer know how many crimes an at-large murderer has committed? For all we know, this might have been written and distributed AFTER Robinson's arrest made national news, with the facts exaggerated.

My suggestion: don't forward this kind of uncorroborated warning when you get one, just remind your friends to be very cautious when divulging personal information to strangers (or within groups where unknown users can be "lurking") on the Internet. When in doubt (those little inner warning bells go off), don't. ... While you're at it, ask your friends not to forward every Internet horror story they receive. You might also drop a hint that they visit the Hoax du Jour home page!

Pay $2.69 a minute to learn about a virus? (2001)

Thank Rob Rosenberger of Vmyths.com to uncover this scam. An e-chain letter was making the rounds, urging readers to call a pay-per-minute 900 "hotline" phone number to hear a message about the MTX worm virus.

Why would you do this? Anti-virus firms like Sophos and Symantec will inform you for free. Answer ... this appears to have been no more than a scam to make money by exploiting computer virus hysteria. Shame on them.

Nigerian "4-1-9" money scams

For years, con artists in Nigeria and other third world countries have sent solicitations to potential victims requesting help in "rescuing" money from a seized bank account, for which a sizeable reward will be granted. These letters used to arrive by postal mail, then by fax, but now it seems that Internet e-mail is the most economical vector. Different versions mention Angola, Congo, and a long list of semi-fabricated names; the con's essentially the same every time.

Make no mistake, this is not "another silly hoax." The con is still very real, and the criminals who run the scam are real as well. You'd be amazed at how many people are duped by this seemingly obvious scam.

I've received several of these over the years. I was "picked out as someone who could be trusted" just as any e-j-mail artist might send me spam. I've exchanged e-mail and phone conversations with some of these folks. On one occasion, they insisted on sending me a pretty hokey fax transmission of, essentially, the same information they'd e-mailed me. On both occasions in which I responded, the con artists expressed a requirement that I travel to abroad to complete the deal. This is pretty common, and very risky. The U.S. Secret Service, which investigates these scams, states the following on their web site:

Consider that more than fair warning to stay away from these people.

Timothy McVeigh's final hours (2001)

In the weeks before Timothy McVeigh's execution, the news media and (presumably) the American public found renewed interest in the terrorist responsible for the Oklahoma City bombing. Then, a forwardable, allegedly from an Oklahoma City fireman, urged netizens to boycott the book American Terrorist, and makes that oft-heard plea, "Please pass this on to everyone you know...." Turned out, the fireman named in the message did not write this, he only forwarded it (tsk, tsk). Among the message's oversights, proceeds from the book cannot go to McVeigh's pockets (or his estate's), by law.

So would boycotting the book have really accomplished anything? In my opinion, not really. Surely, what McVeigh did was horrific, but does that mean we have to ignore the event, and proscribe any discussion of it? Recently, he'd been on the front page (again) for weeks since the FBI disclosure of overlooked documents. Boycotting the book would not have made him any less infamous than he was, but forwarding the message to everyone you know certainly would focus more attention on the book and McVeigh, wouldn't it? In fact, perpetuating the forwarded e-mail campaign could only fan the flames of notoriety.

For myself, I don't believe in censorship of any kind, and that includes shunning information that I don't want (or like) ... and urging others to shun it as well, without exercising their own judgement. That's why the image above links to Amazon.com, where you are free to buy the book and decide for yourself. (If you think that's abominable, feel free to comment on the "Hoax du Jour" discussion forum.)

McVeigh execution video Trojan

The distasteful predilection for the McVeigh phenomenon didn't end with the beating of his black heart. Earlier in the spring, I predicted that the Jessica Koopmans missing child alert could carry a Trojan virus attachment, much like the Love Letter worm and other copycat nasties. A web page devoted to the search for the little girl alluded to a hoax that claimed the missing child alerts contained a virus instead of a JPEG image. My prediction that some sick fellow would actually do this ... came very close to being true.

The media reported in late spring that messages claiming to carry fabled bootleg video of Timothy McVeigh being executed actually contain the Sub7 Trojan, which turns Windows computers into "zombies" for hacker DDoS attacks. Oddly, this virus e-mail wasn't seen much "in the wild," only the news media knew much about it, leading me to believe that this was anti-virus software marketing in action, not a real danger. Furthermore, the authorities reported that no "video" existed of the execution in the first place.

Home Page virus and other e-mail dangers (2001)

This brings up a perennial topic. Let's talk about e-mail safety.... There's been a lot of news, and worry, about e-mail-borne viruses, Trojan attachments (Home Page virus, Love Letter virus, Kournikova virus, Win32/SirCam), and spam-a-friend problems. The "Home Page virus" was a rerun of last year's "Love Letter virus." Nothing new here, folks, same old, same old. NEVER run attachments which you aren't expecting, or from someone you don't know. Can an unexpected e-mail attachment from a friend be considered safe? NO. Most recent e-mail Trojans use security weaknesses in Microsoft e-mail clients to send more Trojans out to addresses in the mail program's Address Book. That means users are spamming friends and coworkers with virii immediately after opening a Trojan-type virus.

A recent newsletter from Audri and Jim Lanford's Internet ScamBusters (which I recommend highly, by the way!) pointed up some important safeguards, which I'd like to share with you (again).

1. Turn off JavaScript support in your e-mail program. Simple enough; see your e-mail program documentation to find out how. (OR ... don't use a scripting-enabled mailer.) If you don't know how, get help.
2. Use a good, reliable anti-virus program that specifically protects against mail attachments and web-borne viruses. And that's not all! Keep your program UPDATED with latest definition files. (Most major programs include a scheduler program which will do this for you, but you MUST ENABLE IT.) If you don't know how to do this, get help.
3. Don't run e-mail attachments. (This is a bit extreme, but it IS an effective form of protection. Some people recommend that if you follow this rule faithfully, you shouldn't need anti-virus software. I disagree.)

To this list, I add the following:

4. I'll modify Scambusters' advice immediately above to this: ... DON'T run any attachments or click links in e-mail from people you don't know, or e-mail that you don't why you got it. Is this paranoid? Yes. Could this make you miss out on something you might have been interested in? Yes, once in a while. Will this protect you from some of the common e-mail Trojans and scams that have made headlines? Generally, yes; but only some of them. Is it worth it? I think so. But YOU DECIDE for yourself.
5. Don't run ANY attachments you get, even from friends or coworkers, right from the e-mail program (that is, double-clicking e-mail attachments). Take the few extra seconds to save it to your hard drive, SCAN IT with anti-virus software (see above), then run it IF you believe it's safe. If you don't know how to do all this, get help.
6. Consider using an e-mail program OTHER than Microsoft Outlook or Outlook Express unless your employer requires it (and if they do, they probably have server-side protection for viruses and Trojans). There are simply too many ways to exploit it. The recent Kournikova virus wasn't even written by a programmer; he used a "point, click, voila!" do-it-yourself virus kit. Yikes. There are plenty of alternatives out there: Eudora, Netscape Communicator, Pegasus. Many of the web-based "free-mail" providers have built-in support for screening attachment viruses, as well. Read their Help pages to find out more.

Digerati say that information wants to be free. It may be true, but there are con artists and unethical businessmen out there who want to make a buck off your naivete. Proceed with caution. Take your daily dose of skepticism and healthy suspicion when you go online.

David Spalding