Saturday, February 21, 2004

Hoaxbusters

Send this to friends/colleagues that forward hoax messages...

Hoaxbusters

Interspersed among the junk mail and spam that fills our Internet e-mail boxes are dire warnings about devastating new viruses, Trojans that eat the heart out of your system, and malicious software that can steal the computer right off your desk. Added to that are messages about free money, children in trouble, and other items designed to grab you and get you to forward the message to everyone you know. Most all of these messages are hoaxes or chain letters. While hoaxes do not automatically infect systems like a virus or Trojan, they are still time consuming and costly to remove from all the systems where they exist. At CIAC, we find that we spend much more time de-bunking hoaxes than handling real virus and Trojan incidents. These pages describe some of the warnings, offers, and pleas for help that are filling our mailboxes, clogging our mailservers, and that generally do not have any basis in fact.

In addition to describing hoaxes and chain letters found on the Internet, we will discuss how to recognize hoaxes, what to do about them, and some of the history of hoaxes on the Internet.

Users are requested to please not spread chain letters and hoaxes by sending copies to everyone you know. Sending a copy of a cute message to one or two friends is not a problem but sending an unconfirmed warning or plea to everyone you know with the request that they also send it to everyone they know simply adds to the clutter already filling our mailboxes. If you receive any of this kind of mail, please don't pass it to everyone you know, either delete it or pass it to your computer security manager to validate. Validated warnings from the incident response teams and antivirus vendors have valid return addresses and are usually PGP signed with the organization's key. Alternately, you can and should get the warnings directly from the web pages of the organizations that put them out to insure that the information you have is valid and up-to-date.

No comments: