Online Hoaxes No Joke for Debunkers

An increase in hoaxes claiming that reading e-mail will unleash viruses capable of doing hideous things to personal computers has prompted computer security experts to step up efforts to debunk these myths.

The hoaxes--with strange names such as Deeyenda, Penpal Greetings, NaughtyRobot and AOL4FREE--are creating a virtual headache for government officials.

Virus hunters at the Energy Department’s Computer Incident Advisory Capability unit say hoaxes cause problems by tying up phone lines and staff time.

“Nine of the 10 phone calls we receive on viruses are related to hoaxes. We’re spending all our time working on these and not on viruses,” said William Orvis, a computer security expert at CIAC, which monitors “malicious software” for the federal government.

But the Internet’s global reach, the ease of sending e-mail, a tendency to believe messages that arrive on the computer and the difficulty of tracking the genesis of a message allow hoaxers to frighten computer users with impunity.

Although the handful of documented hoaxes pales in comparison to the 11,000 or so known computer viruses, there is increasing concern about the negative impact of such messages.

“Up until now there hasn’t been a need for training on how to identify a hoax,” said Jonathan Wheat, senior anti-virus laboratory analyst at the National Computer Security Assn., an industry trade group in Carlisle, Pa. “The only way to get a virus from e-mail is by opening an attachment, not just by reading the message itself.”

Computer industry officials fear hoaxes will prompt technophobes to view the Internet as a “dark and dreary” place and will cripple the fledgling sense of security these users have in the Internet and the World Wide Web.

Players in the fiercely competitive anti-virus software market are concerned that widespread hoaxes undermine the industry’s ability to warn consumers about viruses that pose a real threat to their systems.

“Virus hoaxes reduce the credibility of real virus alerts because they cause people to become numb to all warnings,” said Alex Haddox, product manager for the Santa Monica-based Symantec AntiVirus Research Center. Symantec makes Norton AntiVirus software.

To combat hoaxes, government and industry officials have created Web sites that list the “latest and greatest” myths and delineate the steps consumers can follow to spot phony e-mail.

CIAC has received 220,000 hits on its hoax Web page at https://ciac.llnl.gov/ciac/CIACHoaxes.html since January. Symantec’s hoax site at https://www.symantec.com/avcenter/index.html has worked to reduce calls to the company from software users inquiring about hoaxes, Haddox said.

Some argue that hoaxes are essentially harmless.

“They really aren’t damaging. Starting a hoax is inherently benign except that it gets everyone worried,” said Paul Hoffman, director of the Internet Mail Consortium, an international group of computer companies charged with expanding the role of the Internet and e-mail.

Discussion surrounding who is responsible for the increase in hoaxes includes a lot of finger pointing. Some who follow computer security issues accuse software makers of perpetuating these myths to sell their products.

Indeed, anti-virus software makers such as Symantec, McAfee Associates and Dr. Solomon’s, take advantage of opportunities that arise in the aftermath of a hoax, analysts agree.

“When stories get written about viruses or even hoax viruses, the virus companies take the opportunity to tell the story that whether or not there is a particular concern, there are many possible reasons for concern,” said Dan Lavin, an analyst for the San Jose-based research firm Dataquest.

Software makers say coping with hoaxes takes so much of their staffs’ time and effort that it would be self-defeating for them to perpetuate these myths to sell anti-virus products.

“They’re just a burden,” said Jimmy Kuo, director of anti-virus research at McAfee. McAfee has seen the number of repeat questions it gets about hoaxes drop since it created a hoax Web page (https://www.mcafee.com/support/hoax.html). Dr. Solomon’s also has a hoax page at https://www.drsolomons.com/vircen/hoax.html

Virus watchers also say media coverage of hoaxes works to perpetuate the myths.

Recent hoaxes are often reincarnations of the Good Times hoax, which first appeared in December 1994. Hoax writers cut and paste from Good Times messages on the Internet or e-mail and borrow techniques its creators pioneered in an attempt to give their messages authenticity. Hoaxes make wild claims about what viruses can do to your computer system, including melting your monitor or eating your hard drive. Some even go so far as to say that your computer will jump off the desk.

Some industry observers believe the current cycle of hoaxes will start to diminish as software that allows computer users to check the authenticity of e-mail using a digital signature becomes more popular.

“Because we lack any way of authenticating e-mail messages, all messages seem inherently authentic,” Hoffman said.

“In two or three years,” he added, “hoaxes will be harder to start because an e-mail server will be able to check a digital signature on the message to make sure the sender is who they say they are.”

(BEGIN TEXT OF INFOBOX / INFOGRAPHIC)

Take 2 Diskettes and Call Me in the Morning

William Orvis, a computer security expert at the Energy Department’s Computer Incident Advisory Capability unit, says recent reports of an AOL4FREE.com “Trojan horse” program and accompanying e-mail message have resulted in numerous queries from the public. He said that while reading an e-mail message cannot hurt a computer, executing an attached program could unleash the Trojan horse, which could affect a computer’s hard drive. Among the questions/comments Orvis has received:

* Can this affect my cable TV box and TV?

* What is a diskette?

* Who are you guys and why are you advertising a virus?

* I can’t get to my CD-ROM. It MUST be this virus.

* Is it safe to turn on my computer; I was connected to AOL last night?

* How do I stop my son from getting this virus?

* I’m not connected to the Internet. Can I get it?

* Don’t go to the AOL4FREE.com Web site. It will download a virus.

* How do I know I got it?

* It has to be released by a foreign government.

* Make me a cure and send it to me.

It’s Contagious

About 63% of 1,300 technology managers who responded to a recent Infoworld/Ernst & Young survey reported that computer virus outbreaks at their firms resulted in financial losses*:

Inadvertent errors: 66%

Viruses: 63%

Natural disaster: 35%

Malicious acts by employees: 32%

Unknown source: 20%

Malicious acts from outside: 18%

Industrial espionage: 9%

*Multiple responses allowed

Preventive Medicine

Computer users should visit Web sites created by industry officials to verify the authenticity of virus warnings before they pass along such messages to friends and co-workers.

What to look for in a hoax:

* Lots of capitalized words and exclamation points

* Suggestions that the user send the warning to everyone they know

* Abundant technical jargon and citation of an authoritative source as issuing the warning

* Warnings not to read or download the supposed virus

* Descriptions of the virus’ supposed destructive powers

Sources: Infoworld/Ernst & Young’s fourth annual “Information Security Survey”; “How to Spot a Virus Hoax,” by Joe Wells, senior editor of IBM’s anti-virus online Web page at https://www.av.ibm.com/current/FrontPage/

Researched by JENNIFER OLDHAM / Los Angeles Times