john skinner

professional | personal | public service | what's new | faq | links | contact
 
 
You are here: Home > Public Service Announcements > Virus

Warning: terrible computer virus at large

The much-feared Gullibility Virus is sweeping through the Internet! Spread by e-mail, the virus causes havoc as cascades of panic-stricken users forward the shocking news to everyone they can think of. Such is the intensity of fear generated, that its victims never stop to think that the report might not be true.

Almost all computer virus warnings you will ever receive are hoaxes, because almost all would-be vandals are too stupid or too lazy to create a real virus. It takes knowledge, [warped] intelligence and many hours of hard work to create a virus; to create a hoax takes only a few minutes of typing — and the gullibility and laziness of its recipients. Over to you, dear reader.

How do I know whether an e-mail warning is a hoax or a genuine virus?

Simple: you look it up. The most recent example to land in my inbox concerned "buddylyst.zip", and named a whole slew of experts who had pronounced it deadly, including a link to the local police force.

Did I panic? hell no. I surfed over to Google, typed in "virus buddylyst.zip" and clicked on Go. It reported some 3,000 sites. I chose one more or less at random, and read: "No virus, it's a hoax." Back to Google and choose a second site more or less randomly: "No virus, it's a hoax". Third site: "No virus, it's a hoax".

Elapsed time: two minutes.

Out of curiosity, I then followed the link in the mail message to our local police force website — and sure enough, they too report that it's a hoax. The person who sent me the fake virus warning had not even bothered to click on the link in the mail itself!

But the message came from Jane, she wouldn't lie to me.

Jane did not write the message. She forwarded it to you after receiving it from somebody else, who forwarded it to her after receiving it from a fourth person, ad infinitum. The hoax = virus only works because people trust each other and assume that the person forwarding it will have checked it out.

But it said that Microsoft warned about the virus!

Well so what? Anyone can write "Microsoft said". There, I just did it. Here's another example:

[Reuters] Microsoft Corporation (NYSE: MSFT) announced yesterday that it was appointing John Skinner to be head of database development in the EMEA (Europe, Middle East, Africa) region, at an undisclosed salary. Mr. Skinner is a well-respected industry figure.

Hey, cool, lucky me. Alas: it's BS, I just made it up. Took thirty seconds. The point is, anyone can write anything in an e-mail. The words "Microsoft said" are worth nothing. (Same goes for "IBM said" or "Netscape said" etc etc.) If Microsoft really did say it, and if the thing really is a dangerous virus, then it will be on page one of their web site in big red letters. Discovering that it isn't there, or that Microsoft said it's a hoax, will take you less than one minute.

So what should I do?

Be skeptical, and behave responsibly (the two are in my experience closely related).

Do not forward virus warnings without checking whether the thing is a hoax. It will take less than two minutes to look it up on Google, and that's no more time than you would spend gathering the names of all your friends to mail it to.

The hoax virus warning is itself the virus. Don't pass it on.

What else could I do?

Set a bookmark in your browser for the Symantec Anti-Virus Center, to spare yourself the trouble of searching Google. Symantec makes the Norton Anti-Virus software (and a host of other good, useful security and repair tools), and maintains at this site a searchable list of known viruses and hoaxes.

Install an anti-virus programme and it keep up to date. I use Norton Anti-Virus, but there are many others. Whichever one you choose, it's useless unless its virus definition list is up to date. One of Norton's many advantages is a bundled utility called "Live Update" which keeps track of changes to the A-V software or virus definition lists, and downloads these as needed.

Don't accept candy from strangers. Your mother's rule is still valid. Don't even think about opening e-mail attachments unless you personally know the sender, and even then only if the sender is also the creator of the attachment. Never open any attachment that was forwarded to you, unless the sender says that they opened and used it without problems. Even then, I would first check with Symantec or Google that the thing is not a virus or boobytrap.

Know what you are opening. Windows hides filename extensions by default, because Microsoft thinks this a good idea. [From their point of view it is: the less you know, the more money they earn.] Virus-propagators use this to sneak up on you: they give their bastard progeny names like "friends.jpg.exe" (.EXE means "this is a programme" in Windows-speak). If the filename extensions are hidden, you will see an attachment named "friends.jpg" — and probably not stop to think that the ".JPG" extension ought to be hidden. So you open the virus. The exact name and location of this setting varies between Windows versions, try the Folder Settings item and look for an option whose name means "Hide filename extensions of known file types", and set this off.

Switch to a Mac. They are not just better, they're significantly more secure too.


http://www.skinnerconsulting.com/english/virusHoax.html
Copyright © John Skinner, 2002. All rights reserved.
Last updated 2003.04.05