bluestarultor
09-04-2010, 06:42 PM
The answer is probably no, but I need validation. I'm sick and tied of chain letters, but there's jack I can do about the religious and political ones. So I decided to fight fire with fire in my area of expertise.
Please note THIS HAS NOT GONE OUT YET. I'm looking for feedback and possibly some means of not feeling dirty for having written this and considered sending it out into the world if any exist. :sweatdrop
Tagline: How to spot a virus hoax. Please read.
Like many young people with parents, sometimes the combination between adults and technology I take for granted makes me regret ever having introduced them to it. Email is a wonderful thing, but like any mail system, it gets abused. People try to sell you things, send chain letters, and sometimes even send you a package holding something nasty.
So when it comes to virus alerts, a lot of people feel it's better safe than sorry. It's a good policy in general, but when someone who knows computers gets a virus hoax, groans ensue.
Virus hoaxes are chain letters. They're no different from the ones saying bad things will happen to cute animals if you don't pass them on. Sometimes virus hoaxes even contain REAL viruses. Never click a link or attachment in one. It's just not worth the risk.
My name is Joseph Bauer and I'm a computer science major. I'm nobody fancy, but I grew up with computers and it's my job to know what I'm talking about. After getting a lot of these types of messages, I've decided to try to educate people in hopes that I and others of my generation can breathe a collective sigh of relief instead of having to explain time and again that the virus email you sent is a hoax.
1.) Appeal to authority.
This goes something like "I have a friend who works for Microsoft" or some other relationship with some other company with inside info. The important thing is that you'll have heard of the company and it's a name you associate with computers. Even if nobody actually involved in finding or fixing viruses is mentioned, like Intel, hoax writers know that most people won't know the difference or that it won't occur to them. Having it come from a "real person" or simply straight from a major company skillfully avoids opening the door to basic research. In these cases, it's usually combined with how new it is or how it's not well-known yet so that you may not even try.
A second approach throws caution to the wind and says a major news agency has reported that someone like McAfee has reported a virus to someone like Microsoft. One of the biggest tip-offs is when you start seeing big names all over the place, especially news media. They know you trust the major news networks enough that you won't rush out to check if they really ran the story before forwarding the message. The truth is that they never have and never will. Companies like Microsoft and McAfee have a working relationship in order to keep silence on the issue until the issue is fixed on all ends, but hoax writers know you don't know that. Adding more big names casts a wide net to make sure there's at least one company you know and can make the problem sound bigger.
A newer, hipper tactic is to say Snopes has confirmed it. They may even have a convenient link right there for you. Again, do not click the link. It may redirect you to a page with a real virus on it. If they're really creative, it might take you to a fake Snopes page. If they mention Snopes, go to Snopes yourself. I've also gotten some that have a link to a real Snopes page that confirms... that it's a hoax. Why would someone post a link to a page they knew would say they were lying? Because they know that a lot of people won't bother to check. If you say something and post a link to a source, a lot of people take it for granted or don't have the time to read it.
2.) Claims.
Here's a favorite: a lot of them say something to the effect of "this virus will delete Sector Zero on your hard drive, which will permanently prevent it from functioning." First off, there is no "sector zero." Second, even if there was, any drive made since the mid-1990s had its basic data framework (which is actually spread over the whole disk) set at the factory and it can't be changed. This rule applies to any other thing that might be deleted. Deleting data will never cause permanent damage to anything but your data. Even if all your data was totally wiped, the hard drive doesn't rely on any of it for its basic inner workings.
Another one they like to use is that it's the "worst virus ever." That's just to scare you. Those types of things aren't declared until after the virus has already done millions or even billions of dollars in damage and been on the news. You're not going to hear about it first in an email. Viruses spread fast. By the time you'd get the message, you'd already have had days or even weeks to be potentially infected.
As I said earlier, a lot of times they'll claim that the virus is new or not well-known to try to discourage research. If you look and don't find anything, they have it covered. But with Google Search around, if you look, you probably WILL find something. That something will be a page exposing it as a hoax. Claiming there's no information available in this information age just isn't realistic. If someone actually got the virus, there'd at least be a forum post somewhere.
A fourth one that gets tossed around is that the virus will somehow destroy your hardware. One off the top of my head is "burning" your hard disk. This is simply not possible. No software in the world is capable of causing physical damage. Unless someone finds a way to write one that directs a bolt of lightning at your house, this will never be an issue.
Lastly, a lot of them claim the virus will delete your entire hard drive. This one is actually possible and, scarily, not all that hard. Back when Windows 9x ruled the market, there was a simple command line function called DELTREE, which, when you consider that it deletes a directory tree (which are now better known as folder systems), had unfortunate implications when applied to the C: directory. There are now newer means of doing so. The reason this claim should be a tip-off is that data is more valuable stolen than destroyed. With real viruses doing things like locking down corporate data remotely as ransom or stealing your information, the incentive to create a virus that wipes out your data instead of stealing it is sitting squarely at zero.
As a final rule of thumb, if the claims sound crazy, they are. The crazier they sound and the more claims there are, the less you should believe them. Hoax writers get away with writing grand and unbelievable things that you'd call them out on anywhere else. They know that computers are mysterious things and bank on the average person's lack of understanding of them. Because most people don't know how computers work, they don't know if those crazy claims could be true or not. The truth is they generally can't, but the truth isn't as scary. Hoax writers want you to panic. When you panic, you don't think as clearly. If you wouldn't believe a person making those kinds of claims about television or the government, don't believe them when they're being made about computers.
3.) Urgency.
They'll usually make it sound like an emergency so you act on it without thinking about it first. In one case where a virus hoax contained a real virus, one business was nearly shut down as people overloaded the servers with warnings that the virus hoax was really a virus. In fact, the virus was easily fixed. People sending out warnings did more damage than the actual virus did.
The wording will also probably include something like "we need your help to get the word around" or some other thing that tries to make you feel like an important link in a chain. The false sense of responsibility makes you feel good about yourself for sending it, or that you're neglecting your duty if you don't. Either way, it's incentive to pass the hoax on and ties in with the lack of information tactic if you start second-guessing things.
Also common is the "I'd rather have X emails in my inbox than this virus" line. They know you'd rather be safe than sorry. It's a combination between "just in case" and "there's nothing to lose." By making you think about how you might be helping instead of how you're actually wasting your time and others' reading and sending these things, on a scale of "never" to "definitely," they only need a "what's the harm?" to get you to send it to more people, even if you have doubts if it's real.
If a virus is really going around, chances are most people don't even have to worry. Major anti-virus suites like AVG have systems to report new viruses to the company so they can nip it in the bud. In fact, many viruses rely on your software not being updated. In one case, a virus was released an entire week after the security hole it exploited had been fixed. As long as you and all your friends keep your computer and antivirus updated, don't click banner ads or strange links or attachments, and stick to sites that don't allow pop-up ads, the chances you'll have an issue are pretty small.
If you keep these factors in mind, you'll realize that most virus alerts are nothing but spam. Don't pass them on. Delete them.
If you gained anything from this or if you think you know someone who will, please pass it on. If you haven't or don't, simply delete it. My goal isn't to form a chain, and I shudder to think of the mess this is going to make of my inbox. But if this helps keep my inbox and those of others free of fake virus alerts in the long run, I think it'll be worth it.
Again, I'm nobody special. I don't have a job at a big-name company at time of writing. I put no fancy links or attachments in this message. But I do know what I'm talking about, and I hope this has been educational.
Please note THIS HAS NOT GONE OUT YET. I'm looking for feedback and possibly some means of not feeling dirty for having written this and considered sending it out into the world if any exist. :sweatdrop
Tagline: How to spot a virus hoax. Please read.
Like many young people with parents, sometimes the combination between adults and technology I take for granted makes me regret ever having introduced them to it. Email is a wonderful thing, but like any mail system, it gets abused. People try to sell you things, send chain letters, and sometimes even send you a package holding something nasty.
So when it comes to virus alerts, a lot of people feel it's better safe than sorry. It's a good policy in general, but when someone who knows computers gets a virus hoax, groans ensue.
Virus hoaxes are chain letters. They're no different from the ones saying bad things will happen to cute animals if you don't pass them on. Sometimes virus hoaxes even contain REAL viruses. Never click a link or attachment in one. It's just not worth the risk.
My name is Joseph Bauer and I'm a computer science major. I'm nobody fancy, but I grew up with computers and it's my job to know what I'm talking about. After getting a lot of these types of messages, I've decided to try to educate people in hopes that I and others of my generation can breathe a collective sigh of relief instead of having to explain time and again that the virus email you sent is a hoax.
1.) Appeal to authority.
This goes something like "I have a friend who works for Microsoft" or some other relationship with some other company with inside info. The important thing is that you'll have heard of the company and it's a name you associate with computers. Even if nobody actually involved in finding or fixing viruses is mentioned, like Intel, hoax writers know that most people won't know the difference or that it won't occur to them. Having it come from a "real person" or simply straight from a major company skillfully avoids opening the door to basic research. In these cases, it's usually combined with how new it is or how it's not well-known yet so that you may not even try.
A second approach throws caution to the wind and says a major news agency has reported that someone like McAfee has reported a virus to someone like Microsoft. One of the biggest tip-offs is when you start seeing big names all over the place, especially news media. They know you trust the major news networks enough that you won't rush out to check if they really ran the story before forwarding the message. The truth is that they never have and never will. Companies like Microsoft and McAfee have a working relationship in order to keep silence on the issue until the issue is fixed on all ends, but hoax writers know you don't know that. Adding more big names casts a wide net to make sure there's at least one company you know and can make the problem sound bigger.
A newer, hipper tactic is to say Snopes has confirmed it. They may even have a convenient link right there for you. Again, do not click the link. It may redirect you to a page with a real virus on it. If they're really creative, it might take you to a fake Snopes page. If they mention Snopes, go to Snopes yourself. I've also gotten some that have a link to a real Snopes page that confirms... that it's a hoax. Why would someone post a link to a page they knew would say they were lying? Because they know that a lot of people won't bother to check. If you say something and post a link to a source, a lot of people take it for granted or don't have the time to read it.
2.) Claims.
Here's a favorite: a lot of them say something to the effect of "this virus will delete Sector Zero on your hard drive, which will permanently prevent it from functioning." First off, there is no "sector zero." Second, even if there was, any drive made since the mid-1990s had its basic data framework (which is actually spread over the whole disk) set at the factory and it can't be changed. This rule applies to any other thing that might be deleted. Deleting data will never cause permanent damage to anything but your data. Even if all your data was totally wiped, the hard drive doesn't rely on any of it for its basic inner workings.
Another one they like to use is that it's the "worst virus ever." That's just to scare you. Those types of things aren't declared until after the virus has already done millions or even billions of dollars in damage and been on the news. You're not going to hear about it first in an email. Viruses spread fast. By the time you'd get the message, you'd already have had days or even weeks to be potentially infected.
As I said earlier, a lot of times they'll claim that the virus is new or not well-known to try to discourage research. If you look and don't find anything, they have it covered. But with Google Search around, if you look, you probably WILL find something. That something will be a page exposing it as a hoax. Claiming there's no information available in this information age just isn't realistic. If someone actually got the virus, there'd at least be a forum post somewhere.
A fourth one that gets tossed around is that the virus will somehow destroy your hardware. One off the top of my head is "burning" your hard disk. This is simply not possible. No software in the world is capable of causing physical damage. Unless someone finds a way to write one that directs a bolt of lightning at your house, this will never be an issue.
Lastly, a lot of them claim the virus will delete your entire hard drive. This one is actually possible and, scarily, not all that hard. Back when Windows 9x ruled the market, there was a simple command line function called DELTREE, which, when you consider that it deletes a directory tree (which are now better known as folder systems), had unfortunate implications when applied to the C: directory. There are now newer means of doing so. The reason this claim should be a tip-off is that data is more valuable stolen than destroyed. With real viruses doing things like locking down corporate data remotely as ransom or stealing your information, the incentive to create a virus that wipes out your data instead of stealing it is sitting squarely at zero.
As a final rule of thumb, if the claims sound crazy, they are. The crazier they sound and the more claims there are, the less you should believe them. Hoax writers get away with writing grand and unbelievable things that you'd call them out on anywhere else. They know that computers are mysterious things and bank on the average person's lack of understanding of them. Because most people don't know how computers work, they don't know if those crazy claims could be true or not. The truth is they generally can't, but the truth isn't as scary. Hoax writers want you to panic. When you panic, you don't think as clearly. If you wouldn't believe a person making those kinds of claims about television or the government, don't believe them when they're being made about computers.
3.) Urgency.
They'll usually make it sound like an emergency so you act on it without thinking about it first. In one case where a virus hoax contained a real virus, one business was nearly shut down as people overloaded the servers with warnings that the virus hoax was really a virus. In fact, the virus was easily fixed. People sending out warnings did more damage than the actual virus did.
The wording will also probably include something like "we need your help to get the word around" or some other thing that tries to make you feel like an important link in a chain. The false sense of responsibility makes you feel good about yourself for sending it, or that you're neglecting your duty if you don't. Either way, it's incentive to pass the hoax on and ties in with the lack of information tactic if you start second-guessing things.
Also common is the "I'd rather have X emails in my inbox than this virus" line. They know you'd rather be safe than sorry. It's a combination between "just in case" and "there's nothing to lose." By making you think about how you might be helping instead of how you're actually wasting your time and others' reading and sending these things, on a scale of "never" to "definitely," they only need a "what's the harm?" to get you to send it to more people, even if you have doubts if it's real.
If a virus is really going around, chances are most people don't even have to worry. Major anti-virus suites like AVG have systems to report new viruses to the company so they can nip it in the bud. In fact, many viruses rely on your software not being updated. In one case, a virus was released an entire week after the security hole it exploited had been fixed. As long as you and all your friends keep your computer and antivirus updated, don't click banner ads or strange links or attachments, and stick to sites that don't allow pop-up ads, the chances you'll have an issue are pretty small.
If you keep these factors in mind, you'll realize that most virus alerts are nothing but spam. Don't pass them on. Delete them.
If you gained anything from this or if you think you know someone who will, please pass it on. If you haven't or don't, simply delete it. My goal isn't to form a chain, and I shudder to think of the mess this is going to make of my inbox. But if this helps keep my inbox and those of others free of fake virus alerts in the long run, I think it'll be worth it.
Again, I'm nobody special. I don't have a job at a big-name company at time of writing. I put no fancy links or attachments in this message. But I do know what I'm talking about, and I hope this has been educational.