Virus Alert - Legitimate or Bogus?
September 30, 2001
Charles Oriez discusses the important topic of identifying and dealing with bogus virus alerts.
There has been lots of attention lately to the Sircam virus, the Code Red virus (which is actually a worm, not a virus) and various other nuisances perpetrated by script kiddies with too much time on their hands and poorly developed social consciousness.
Another nuisance, however, is the fake virus alert. It starts with a discussion of the dire consequences if you open a mail containing some subject line, and ends with an urging that you transmit this warning to 'everyone in your address book'. It never seems to end with the warning to 'actually verify the accuracy of this alert before transmitting to everyone in your address book'. And in fact, when someone distributing these wild alerts is asked how much effort they went through to verify the alarm before passing it on, we seldom find that anyone has made even the most cursory efforts at verification.
Yet there are simple steps to verify virus alerts. For starters, did it really come from a company such as McAfee or Norton whose job it is to generate virus alerts? Do their web pages say the same thing about this virus as the e-mail does? Do independent sources say the same thing they do? Remember, hysteria helps the virus companies sell their products. My own favorite source for differentiating between hoaxes, hysteria, and the real thing is www.vmyths.com. This virus myths page by Rob Rosenberg does a good job of distinguishing between the three (pop quiz - what percentage of web servers were vulnerable to the Code Red worm: A) 100% B) 60% C) < 10% - Extra credit if you can find a single story in the mass media which told you that the correct answer was C).
Vmyths.com has decided to track hysteria on the net by monitoring the rise and fall of the virus hoax chain letters each week. Your effort will help them detect changing trends in virus hysteria. Forward the verbatim chain letter to HoaxFYI@Vmyths.com. Emails sent to this account will remain strictly confidential (they promise not to tattle on your boss if he got duped).
So the next time a coworker sends you an alert about the terrible virus that is going to destroy the Internet if you don't take the time to spread his alarm to everyone in your address book, ask him gently what steps he took to verify the alert. Then verify it yourself on vmyths.com instead of risking your own credibility by crying wolf when you shouldn't.
Charles Oriez currently serves on the Editorial Advisory Board of the AITP Information Executive and he also chairs the AITP National Legislative Affairs Committee. Charles has a unique and important insight into spam, virus, security, and legislative issues.
Copyright © 2001, Charles Oriez, All Rights Reserved.
Charles Oriez's HomepagePlease share your thoughts and comments regarding this feature. You can do so by posting to our Hot Topics Forum.
