Korova Multimedia

Up to the "Hoax du Jour" home page
(home page)

US Secret Service: 4-1-9 scams
National Fraud Information Center: 4-1-9 scams
FBI: 4-1-9 scams
Better Business Bureau alert
The 419 Coalition
Scam o Rama: 120+ letters



Amazon.com: search for antivirus software

Public links to this specific article:
Also: this page, print-friendly

Got a question? Try
"The FAQ du Jour"

Previous "Hoax du Jour" columns

The "Hoax du Jour" Index

A More Wretched Hive of Scum & Villainy

Children's Crusade

Lingering Misinformation

Viral marketing is Now.

The Grinch is Real

Call Now!
(Int'l phone scams)

"You're Never Gonna Believe This..."

The Word Macro Spam 'Bot

Calls to Overreaction

Remote Explorer of My Eye

Internet Access Charges & Taxation

The Fear of AIDS (Needles)

Toxic Tampons

Death Threats and Disney Trips

The AOL Hacker Riot II

The "90# Phone Scam" Alert

E-j-mail Extortion

Phone Slamming

AOL Cookie

Click here for the "Hoax du Jour" top-level page.

Related topic: you know what e-mail is. But do you know what "e-v-mail" is?

Related topic: rate your own Internet alert (or just-received warning from a well-meaning friend) against the Korova Drop-dead Internet Alert guide.

Computer virus protection If you're not using anti-virus software, you need to consider getting some, and soon. Click here to choose some from Amazon.com. If you're connected to the Internet with an "always on," broadband connection (cable modem or DSL), consider getting some firewall software, or a hardware solution for your entire home network.

About the "Hoax du Jour"

The "Hoax du Jour" is a recurring column providing updated information and commentary on the Internet community. It is a feature of Korova Multimedia's "e-v-mail" page.

What is a "hoax du jour?" With the advent of widespread use of the Internet as a medium for sharing information, the phenomenon of sharing misinformation has exploded. Conventional urban folklore and propaganda have blossomed on the Internet. Intentionally misleading information is broadcast on a professional and personal level.

On the Web, misinformation wants to be free. It also likes to be free of authenticity and corroboration, when such grounding deflates the credibility of the content.

The result? Naive users of the Internet are subjected to a daily barrage of data that are erroneous, slanderous, and sometimes even destructive. This page is dedicated to discussing intentional misinformation, or 'Net hoaxes.

Disclaimer The opinions expressed here are entirely my own, and do not reflect policy or intentions of any persons, groups or companies referred to or linked from this site. I, my guest writers, or Korova Multimedia are not responsible for content or sites linked to from the "Hoax du Jour" column.

Kudos and links for
the "Hoax du Jour"

("Best of the Net")

Computer Virus Myths

The Curse of a Thousand Chain Letters

Lycos Guide: Urban Legends
(Top Rated Site)

The Motley Fool
("striking a blow for rationality")

(March, 2001)

("three stars")

Also on Korova.com

Clean the hoax-y taste from your mouth with Nonstop Anonymous Monotonous Onomatopoeia, just for fun.

Get a fresh perspective with Korova Truth.

Think outside, way outside, of the box at ChromeJob.com.

Other anti-hoax resources

Korova Multimedia: "e-v-mail"

Rob Rosenberger:
Computer Virus Myths

DoE CIAC - Hoaxbusters

Barbara Mikkelson:
Urban Legends Reference Pages

David Emery:
About.com guide to Urban Legends & Folklore

HoaxKill Service

Urban legend and computer security books

by Jan Harold Brunvand
Click to order this title from Amazon.com
The Baby Train
The Choking Doberman
Curses! Broiled Again!
The Mexican Pet
The Truth Never Stands In The Way Of A Good Story

Computer Security Basics (O'Reilly)

... or search Amazon.com for more books about hoaxes and urban legends...

Sponsor links:

July 29, 2001     

Since The Early Days, the Internet has proliferated as an open bazaar of information, goods and services that -- at least, in theory -- is open to all, with little of the segregation and discrimination that is present in our physical world. Just in the years in which I've authored this humble little column on my own web site, e-commerce and online media have become commonplace. No one blinks at Web URLs on TV commercials, movie trailers, and magazine ads.

Unfortunately, along with the good comes the bad. "Black hats," or unethical elements, have proliferated on the 'Net. Scams and rip-offs abound. Junk faxes laden with con game bait translate beautifully to spam e-mail (e-j-mail).

Make no mistake, Internet scams are on the rise. According to the Consumer Sentinel site (a joint law enforcement database), 19% of last year's complaints related to online auctions, online merchandise sales, Internet services, or other computer-related fraud. Other, more conventional forms of con games continue to take in increasing numbers of victims via the Internet: work-at-home scams, credit card offers, international phone fraud, "Advance Fee Fraud" cons. According to the Internet Fraud Watch statistics for 2000, initial contact via direct e-mail ("the bait") is on the rise. Think everything you get in your e-mail is authentic and trustworthy? Think again!

Internet forwardables also bring horror stories and warnings of dangers lurking around every corner (real and exaggerated). Nothing new about that. But some of the chain e-mails that warn of possible crimes can get the facts wrong, rendering the warning futile. Remember "The Boy Who Cried Wolf?" We'll start with one of those as an example.

Loopy ATM Crime (2000, 2001)

Several versions of the following warning have circulated on the Internet since January, 2000. The locale keeps changing (Houston, Texas; Dublin, Ireland; Melbourne, Australia), to keep it fresh; or maybe it keeps it from seeming stale.

For all of you who use ATM cards. Just wanted to warn you about something that happened to me the other day. I was getting some cash out at the cash point outside at HSBC George Street. I put my card in and a message came up on the screen saying the machine was temporarily out of order. A lady approached me and told me that this had happened to her the other day and what I needed to do was key my pin number in and then press cancel twice.

I did this and of course no card was returned. I left the machine thinking that it had swallowed my card. But when I returned to HSBC the following morning, my card wasn't there.

According to the police this method of stealing bankcards is called the Lebanese loop'. A plastic envelope is made up that fits the hole in the machine perfectly. When you put your card in, the machine knows it is there but cannot read it and therefore the message comes up on the screen....

There is some kernel of truth to this tale, but not enough to place this in the "fact" bin. There are two kinds of "Lebanese Loop" tactics to steal ATM cards and the all-valuable PIN. But rather than memorizing all the specific con games that anonymous forwardables warn you of, why not just practice some basic street smart common sense? Shield your PIN from prying eyes, don't even think of using an ATM with someone standing nearby ready to "shoulder surf," don't use ATMs with suspicious signs or instructions to do things which seem out of the ordinary. This goes for any occasion when you have your wallet out: be aware of your surroundings and anything out of the ordinary, and don't hesitate to listen to your intuition. If you get a hunch that "something just ain't right," then you're probably correct.

Slavemaster (2000)

A year after initial appearances, women are still receiving this hysterical warning to avoid any online contact with "Slavemaster."

If a guy by the name of SlaveMaster contacts you do not answer. He has killed 56 women that he has talked to on the internet.


He has been on {{ Yahoo- Aol-- Excite }} so far.

This is no JOKE.!!!!!!



Despite the questionable narrative, there really was a "Slavemaster," but that doesn't let this forwardable off the hoax hook. There's no evidence that suspected "Slavemaster" John Edward Robinson (apprehended and charged in June, 2000 12345) killed as many as 56 women; how would any anonymous e-mail writer know how many crimes an at-large murderer has committed? For all we know, this might have been written and distributed AFTER Robinson's arrest made national news, with the facts exaggerated.

My suggestion: don't forward this kind of uncorroborated warning when you get one, just remind your friends to be very cautious when divulging personal information to strangers (or within groups where unknown users can be "lurking") on the Internet. When in doubt (those little inner warning bells go off), don't. ... While you're at it, ask your friends not to forward every Internet horror story they receive. You might also drop a hint that they visit the Hoax du Jour home page!

Pay $2.69 a minute to learn about a virus? (2001)

Thank Rob Rosenberger of Vmyths.com to uncover this scam. An e-chain letter was making the rounds, urging readers to call a pay-per-minute 900 "hotline" phone number to hear a message about the MTX worm virus.

Why would you do this? Anti-virus firms like Sophos and Symantec will inform you for free. Answer ... this appears to have been no more than a scam to make money by exploiting computer virus hysteria. Shame on them.

Nigerian "4-1-9" money scams

For years, con artists in Nigeria and other third world countries have sent solicitations to potential victims requesting help in "rescuing" money from a seized bank account, for which a sizeable reward will be granted. These letters used to arrive by postal mail, then by fax, but now it seems that Internet e-mail is the most economical vector. Different versions mention Angola, Congo, and a long list of semi-fabricated names; the con's essentially the same every time.

USSS Operation 4-1-9
United States Secret Service

The perpetrators of Advance Fee Fraud (AFF), known internationally as "4-1-9" fraud after the section of the Nigerian penal code which addresses fraud schemes, are often very creative and innovative.

... The most common forms of these fraudulent business proposals fall into seven main categories:

  • Disbursement of money from wills
  • Contract fraud (C.O.D. of goods or services)
  • Purchase of real estate
  • Conversion of hard currency
  • Transfer of funds from over invoiced contracts
  • Sale of crude oil at below market prices

The most prevalent and successful cases of Advance Fee Fraud is the fund transfer scam. In this scheme, a company or individual will typically receive an unsolicited letter by mail from a Nigerian claiming to be a senior civil servant. In the letter, the Nigerian will inform the recipient that he is seeking a reputable foreign company or individual into whose account he can deposit funds ranging from $10-$60 million that the Nigerian government overpaid on some procurement contract.

Make no mistake, this is not "another silly hoax." The con is still very real, and the criminals who run the scam are real as well. You'd be amazed at how many people are duped by this seemingly obvious scam.

I've received several of these over the years. I was "picked out as someone who could be trusted" just as any e-j-mail artist might send me spam. I've exchanged e-mail and phone conversations with some of these folks. On one occasion, they insisted on sending me a pretty hokey fax transmission of, essentially, the same information they'd e-mailed me. On both occasions in which I responded, the con artists expressed a requirement that I travel to abroad to complete the deal. This is pretty common, and very risky. The U.S. Secret Service, which investigates these scams, states the following on their web site:

USSS Operation 4-1-9
United States Secret Service

Violence and threats of physical harm may be employed to further pressure victims. In June of 1995, an American was murdered in Lagos, Nigeria, while pursuing a 4-1-9 scam, and numerous other foreign nationals have been reported as missing.

Consider that more than fair warning to stay away from these people.

Timothy McVeigh's final hours (2001)

AMERICAN TERRORIST, the McVeigh book in question In the weeks before Timothy McVeigh's execution, the news media and (presumably) the American public found renewed interest in the terrorist responsible for the Oklahoma City bombing. Then, a forwardable, allegedly from an Oklahoma City fireman, urged netizens to boycott the book American Terrorist, and makes that oft-heard plea, "Please pass this on to everyone you know...." Turned out, the fireman named in the message did not write this, he only forwarded it (tsk, tsk). Among the message's oversights, proceeds from the book cannot go to McVeigh's pockets (or his estate's), by law.

So would boycotting the book have really accomplished anything? In my opinion, not really. Surely, what McVeigh did was horrific, but does that mean we have to ignore the event, and proscribe any discussion of it? Recently, he'd been on the front page (again) for weeks since the FBI disclosure of overlooked documents. Boycotting the book would not have made him any less infamous than he was, but forwarding the message to everyone you know certainly would focus more attention on the book and McVeigh, wouldn't it? In fact, perpetuating the forwarded e-mail campaign could only fan the flames of notoriety.

For myself, I don't believe in censorship of any kind, and that includes shunning information that I don't want (or like) ... and urging others to shun it as well, without exercising their own judgement. That's why the image above links to Amazon.com, where you are free to buy the book and decide for yourself. (If you think that's abominable, feel free to comment on the "Hoax du Jour" discussion forum.)

McVeigh execution video Trojan

The distasteful predilection for the McVeigh phenomenon didn't end with the beating of his black heart. Earlier in the spring, I predicted that the Jessica Koopmans missing child alert could carry a Trojan virus attachment, much like the Love Letter worm and other copycat nasties. A web page devoted to the search for the little girl alluded to a hoax that claimed the missing child alerts contained a virus instead of a JPEG image. My prediction that some sick fellow would actually do this ... came very close to being true.

The media reported in late spring that messages claiming to carry fabled bootleg video of Timothy McVeigh being executed actually contain the Sub7 Trojan, which turns Windows computers into "zombies" for hacker DDoS attacks. Oddly, this virus e-mail wasn't seen much "in the wild," only the news media knew much about it, leading me to believe that this was anti-virus software marketing in action, not a real danger. Furthermore, the authorities reported that no "video" existed of the execution in the first place.

Home Page virus and other e-mail dangers (2001)

This brings up a perennial topic. Let's talk about e-mail safety.... There's been a lot of news, and worry, about e-mail-borne viruses, Trojan attachments (Home Page virus, Love Letter virus, Kournikova virus, Win32/SirCam), and spam-a-friend problems. The "Home Page virus" was a rerun of last year's "Love Letter virus." Nothing new here, folks, same old, same old. NEVER run attachments which you aren't expecting, or from someone you don't know. Can an unexpected e-mail attachment from a friend be considered safe? NO. Most recent e-mail Trojans use security weaknesses in Microsoft e-mail clients to send more Trojans out to addresses in the mail program's Address Book. That means users are spamming friends and coworkers with virii immediately after opening a Trojan-type virus.

A recent newsletter from Audri and Jim Lanford's Internet ScamBusters (which I recommend highly, by the way!) pointed up some important safeguards, which I'd like to share with you (again).

  1. Turn off JavaScript support in your e-mail program. Simple enough; see your e-mail program documentation to find out how. (OR ... don't use a scripting-enabled mailer.) If you don't know how, get help.
  2. Use a good, reliable anti-virus program that specifically protects against mail attachments and web-borne viruses. And that's not all! Keep your program UPDATED with latest definition files. (Most major programs include a scheduler program which will do this for you, but you MUST ENABLE IT.) If you don't know how to do this, get help.
  3. Don't run e-mail attachments. (This is a bit extreme, but it IS an effective form of protection. Some people recommend that if you follow this rule faithfully, you shouldn't need anti-virus software. I disagree.)

To this list, I add the following:

  1. I'll modify Scambusters' advice immediately above to this: ... DON'T run any attachments or click links in e-mail from people you don't know, or e-mail that you don't why you got it. Is this paranoid? Yes. Could this make you miss out on something you might have been interested in? Yes, once in a while. Will this protect you from some of the common e-mail Trojans and scams that have made headlines? Generally, yes; but only some of them. Is it worth it? I think so. But YOU DECIDE for yourself.
  2. Don't run ANY attachments you get, even from friends or coworkers, right from the e-mail program (that is, double-clicking e-mail attachments). Take the few extra seconds to save it to your hard drive, SCAN IT with anti-virus software (see above), then run it IF you believe it's safe. If you don't know how to do all this, get help.
  3. Consider using an e-mail program OTHER than Microsoft Outlook or Outlook Express unless your employer requires it (and if they do, they probably have server-side protection for viruses and Trojans). There are simply too many ways to exploit it. The recent Kournikova virus wasn't even written by a programmer; he used a "point, click, voila!" do-it-yourself virus kit. Yikes. There are plenty of alternatives out there: Eudora, Netscape Communicator, Pegasus. Many of the web-based "free-mail" providers have built-in support for screening attachment viruses, as well. Read their Help pages to find out more.

Digerati say that information wants to be free. It may be true, but there are con artists and unethical businessmen out there who want to make a buck off your naivete. Proceed with caution. Take your daily dose of skepticism and healthy suspicion when you go online.

David Spalding

© Copyright 2001 D.B. Spalding/Korova Multimedia. All rights reserved.







What's new?