Sunday, June 29, 2008

Virus Hoaxes, As Bad As The Real Thing?

Computer viruses cause real damage to systems or lead to data theft. The consequences are lost time, broken programs and sometimes real money stolen.

A hoax can have these same consequences.

A virus hoax is typically distributed by e-mail to 'warn' recipients of a new threat to computer systems security. After detailing how this new virus is a serious threat, the e-mail advises you to forward the message to everyone you know. This 'chain letter' effect causes one kind of real harm.

Virus hoaxes can circulate widely. Suppose a recipient distributes it to 10 people and each of those 10 people distribute it to 10 more people, and so on down the line. After only six generations, one million bogus e-mail messages will circulate throughout the Internet. By the seventh generation the number reaches 10 million, and by the eighth generation - 100 million e-mail messages that serve no purpose are clogging up networks worldwide.

This effect can cause servers or routers (specialized computers that route Internet traffic) to slow down or even crash.

Often such hoaxes are forwarded with good intentions. A classic example is the e-mail warning about a virus called 'Deeyenda', circulating since 1995. It claims a virus called Deeyenda is circulating via e-mail. The e-mail explains the FCC (Federal Communications Commission) has issued warnings about this virus, and advises the recipient to pass the message on.

Everything about the warning is false. Viruses can't be activated by reading a text e-mail and the FCC doesn't issue warnings about viruses. (Spyware, yes. But then it's not usually a warning, but the annoucement of a criminal indictment.) Furthermore, there has never been a virus called Deeyenda.

Even a hoax can do real system damage. Some warn the user to delete certain files allegedly containing the virus. Such files are typically (unknown to the average user, of course) critical to proper computer operation. Deleting them may have no immediate effect - until the system is re-booted and fails to start.

How to Combat Virus Hoaxes

Fighting a hoax starts with 'recognizing the enemy'.

One clue that a warning is bogus is the use of technical jargon. The 'Good Times' virus hoax contained this warning: 'If the program is not stopped, the computer's processor will be placed in an nth-complexity infinite binary loop which can severely damage the processor.' This sounds very impressive, but in fact there is no such thing as an nth-complexity infinite binary loop. Also, no processor can be harmed by excessive use. Your system may be too busy to process desired commands, but no actual harm is done to the hardware.

Virus hoaxes often contain references to real organizations such as the FCC or a company specializing in antivirus software. If the warning is real, it'll be easy to verify on these organizations' web sites. If the virus warning is real, you can expect to find references to it in print, on television, as well as all over the Internet.

It should go without saying, though some have fallen prey, one should never 'buy' from someone unknown proposing to 'cure' your virus infection. There are many legitimate antivirus vendors - some offer downloadable products, others provide a service over the Internet. But all can be verified by reviews in trade publications and valid testimonials from trusted sources.

No comments:

Post a Comment