At first, I was just plain annoyed. Someone forwarded a hoax email to me twice in the same week. I am often asked about hoax email: “Kevin, you work at Symantec, is this true?” That’s fine; that’s not what annoyed me. What set me off was that both emails had been forwarded to warn me. The forwarder wasn’t even questioning the content of the email. They had accepted clearly bogus warnings about the “world’s worst virus” as fact.
Then I started thinking about the Twitter discussion I recently had about education. Some security professionals are turned off by education because they don’t believe it works. The rest feel it’s important, but never done right. (I fall into the latter category.) And, I decided that my previous approach to educating people about these hoaxes was not working. Just giving people a link to a Web page that disputes the hoax is not enough. Rather than give a man a fish, I needed to teach them how to fish.
So, I sat down and wrote an email explaining how to spot a virus hoax. It took a little longer than just forwarding a link, but I think it will be more effective. Plus, I can now just cut and paste this email as a response the next time someone forwards a hoax email to me.
If you want to give what I’ve done a try, I turned my email into a template that you can use. (See below.) The next time someone forwards a hoax email to you, just cut and paste this into a reply. I’m optimistic that we can educate people—we just need to adjust and adapt when things don’t work.
Dear [fill in friend’s name],
As you know, I work at [Company Name] in the group that covers computer security. I see my fair share of viruses. I also see quite a bit of hoax email. The email you forwarded is a hoax.
It is true that miscreants are sending email with attachments and making posts to people’s Facebook pages with links that lead to malware. They use high profile events or interesting sounding videos to get you to click on the attachment or link. The goal is always the same, to get you to click and become infected. It is only the come-on that changes.
But, the thing is, any warning that comes in via email is almost always a hoax. They are never about real malware. Sometimes they tell you to do things that could actually damage your computer. (Hoaxers have a strange sense of humor.)
There are five easy ways to tell if the email you’ve received is a hoax:
1. Snopes verified it.
The email you forwarded to me is confirmed by Snopes as a hoax. The hoaxers only tell you Snopes has verified it as true so you will not check for yourself.
2. It’s the worst virus Symantec has ever seen.
Even if it truly existed, it would not be the worst virus ever seen. Trust me. Unless it will force cylinders used for uranium enrichment to spin out of control, it is not the worse virus ever seen.
3. It does irreversible harm to your computer.
People who write malware are crooks, not vandals. They try to steal your information. They need your machine to stay functioning to do that.
4. A reliable person forwarded the email.
Being reliable and being a good judge of hoaxes are two completely different skills.
5. You are to forward the email to everyone you know.
Good-hearted people try to warn others of impending disasters. Hoaxers tell people to forward an email to everyone they know. Thanks for being so concerned—it speaks well of you as a person. But, next time, please just delete the email.
[Your name here]
Leave a reply