PDA

View Full Version : WARNING!! Virus Warnings should not come by Email!!!



Graham Petrie
01-07-2002, 08:31 PM
Hello,

It seems lots of people are falling for hoax virus warnings sent by email recently. In my experience the only people who send virus warnings by email are system administrators, who also attach links to a reliable source indicating the authenticity of their warning. If you receive a virus warning by email that does not contain a link proving it's reliability, ignore it! If you are worried you can check it out at Symantec.com Hoax Warnings (http://securityresponse.symantec.com/avcenter/hoax.html).

If the warning you have received is a hoax, please email the person who sent it to you and inform them. Also tell them on no uncertain terms not to do it again. Emails like this are worse than spam as they can (as in the case of the jdbgmgr.exe/Teddy Bear hoax) damage your system.

Please, please, please check them out before you beleive any warnings you receive via email.

Hoax virus warnings usually contain poor grammar adn spelling.

Also, Microsoft does not send or notify of updates by email. Emails pertaining to contain software updates are most likely hoaxes containing viruses or trojans. Ignore them.

G P

Heather P
01-07-2002, 09:36 PM
Well you must admit that getting a virus warning from a computer is very authentic sounding. I mean, hey, it's a computer! Anything that a computer says HAS to be right! Like, come on!

If a scruffy individual came up to me on the street, handed me a piece of paper and told me to go home and delete some files, would I do it? Of course not!

And so what if the virus warning has been forwarded heaps of times after first starting life with someone I didn't know in Brazil. The English might be really bad BUT IT CAME FROM THE COMPUTER!!

Graham Petrie
01-07-2002, 11:57 PM
I guess that is why the hoaxes work, and why there is a need for me to remind everyone to be a little less nieve.

G P

dot_com
02-07-2002, 11:11 AM
Yeah well, sometimes its just friends trying to be helpful to each other....... After all if you saw someone coming at your friend with a knife, you would warn them. Right?

Graham Petrie
02-07-2002, 11:28 AM
Exactly. That is why I am arning everyone to be careful out there. I didn't expect anyone to jump dowm my throat when I am just giving everyone a friendly reminder. I was going to put it as a reply to the most recent post regarding the jmdbgmgr hoax, but I thought it was pertinent for everyone, so started a new thread. In the last three or so days, three people have posted here asking how to fix their PC's after they had fallen for a hoax. Four or more others posted here requesting info on emails they received which also turned out to be hoaxes.

This thread is not to insult anyone, but rather to remind you that just because your friend told you, doesn't mean it's tru. That is why I included a link to the symantec page, so that if your well-meaning friends do send you hoax warnings (with the best of intentions) you can a) Check them ou, and b) Quickly warn your friend not to believe the warning themselves if it does turn out to be a hoax.

I am not saying you should ignore all virus warnings. What I am saying is that we should all be a little on guard when it comes to internet security, and should adopt good practices such as including reference information in all warning emails as well as double-checking all warnings before we believe them by default.

Let me ask you: Do you wish to have a virus infect your system? No? Why not? A: Because it is potentially harmful, right?

So, why should you then blindly believe all warnings, and follow the instructions in them to "remove" the virus (which doesn't exist) and thus harm your system? Hoax warnings which damage your system are as bad as viuses themselves. If you received a virus from a friend, would you not reply to them to let them know so they could remove it? So too should you let you friends know they have been sending you hoaxes so as to stop them from doing it in the future.

It is all about education people.

Heather, I am sure you know all this already!!! I was surprised by your reply.

G P

Graham Petrie
02-07-2002, 11:30 AM
Sorry about the absolutely shocking grammar and spelling in that last one, I was typing without my contact lenses in! Not too bad though I thought!

G P

Dolby Digital
02-07-2002, 11:53 AM
So much bandwidth, so few (email) messages... maybe the internet police could vet emails for virus hoaxes ;0)

Heather P
02-07-2002, 08:33 PM
Sorry. People don't send me hoaxes any more cause I research them and fire back a note telling them to research it themselves and how to do it.

The hoaxes that really stun me are the ones with really bad spelling and grammar with 6 sets of forwarding arrows AND PEOPLE BELIEVE IT!

A maths teacher at a school I once worked at was telling me about some Geography assignments that the kids showed him. High marks cause they were beautifully formatted with wonderful graphs. The graphs were the wrong type and meaningless, but because they looked good - full marks.

I'm a cynic, I've seen too much "Garbage in, garbage out"

dipstick01
03-07-2002, 01:08 AM
Good on you for putting the post up. I agree, too many people just react to whatever they receive without taking the time to stop and think it through. The Virus warnings, the nigerian money scams and those damn send this to your friends letters that arrive are starting to get really annoying.

Susan B
03-07-2002, 09:16 AM
Graham, doesn't this deserve to be a FAQ #26a??

Like you said, there are always posts on here asking about so-called viruses and instead of giving people a detailed explanation that this is a hoax, go to Symantec blah blah blah, they could just be directed to the FAQ. If it is written like you have just done here it might wake them up a bit.

I can't count the number of times I get sent these hoaxes from particular people and no matter how many times I tell them it is a hoax, check the details out at such and such a link at Symantec they still keep sending me them without checking it out for themselves first. Heather, you are lucky that your contacts have got the message!!

Biggles
03-07-2002, 09:27 AM
Agree with Susan - there is definitely a FAQ in this. I've had plenty of experience of the hoax email, both virus and other types, and with a few minutes effort it is usually ridiculously easy to check whether it is a hoax or not. I've even had them forwarded to me by other staffers (cough ... journo .. cough cough) who failed to pick up on the tell tale signs.

So a FAQ outlining the simple steps you can take to verify whether the threat is real would be a good idea. Then we can all just send folks the URL to the FAQ instead of explaining it all over again ....

godfather
03-07-2002, 09:30 AM
Well said Graham...

I think it deserves FAQ status as well.
Heather sums up the public attitude well, and I guess we find the public gullibility quite amazing.

tweak\'e
03-07-2002, 09:44 AM
>I guess we find the public gullibility quite amazing

you got that right. after all how many people who use pc's can't work a VCR ;-)

dot_com
03-07-2002, 10:30 AM
I can work a PC and a computer, but I can't work a Playstation LOL

mark c
03-07-2002, 11:15 AM
I encourage/ask/plead with my email correspondees to please put in a meaningful subject line, something that they know will make sense to me as I know them. Now I'm beginning to think it might be a good idea to have a password in the subject line that you both know. If I get an email from a friend/colleague/known contact whatever and it doesn't have the password but something like 'hey look at these pics' then I'd think some dork virus writer has busted into their address book and sent some of their nasty deranged work on to me. What do you thin of that?

tweak\'e
03-07-2002, 12:00 PM
nice idea but most people can't keep track of all the 'passwords' expecially commerical companies are not going to go out of their way to help.

just keep your virus defs uptodate, plug all known flaws in your software, practice safe email ;-) and keep good backups.

most importantly pass that info on to all your email mates rather than waste time sending'look out for this virus' emails.

Heather P
03-07-2002, 05:54 PM
Computers are basically very fast abacuses - extremely good at calculations involving noughts and ones. Do I trust the results that come from it? No. If what it tells me is important I will double-check the data and cross-check the answers.

The trouble is computers produce very pretty results. The sheer beauty of the results lulls one into a false sense of security because they look valid.

Glossy brochures, complex websites, graphs, calculation results, virus warnings... all appear valid on the surface. All need to be checked and double checked.

Unfortunately computers are sold as toasters. Plug them in, turn them on and they work. What the sales people don't say is that there is a very steep learning curve and that before playing with the toys and the fancy software one needs to learn the basics.

The number one rule is: Don't trust a computer until you've checked the results!

Graham L
03-07-2002, 06:03 PM
Exactly. When pocket calculators became popular, there were a lot of people getting wrong answers to 8 decimal places.

"There are lies, damned lies, statistics, and Excel". ]:)