OFFICIAL SECURITY BLOG
March 25, 2013 | BY Pieter Arntz
A hoax ( to trick into believing or accepting as genuine something false and often preposterous ) is the word we use for a fake warning. Since they are not only annoying and confusing, but sometimes even potentially harmful, they deserve some attention.
Hoaxes started out as emails and the idea was the same as the one behind chain letters. I used to call them “lazy viruses” since they depend on the receiver to spread the hoax further amongst his contacts. Nowadays hoaxes are most active on social media, especially Facebook. This has considerably increased the speed with which they spread.
How can we recognize a hoax?
The first thing that should ring an alarm-bell is the request to forward the message to all your friends. A hoax will always say that it is important and try to convince you that it is not a joke, usually by claiming that someone knowledgeable that they know (but you don’t) confirmed the information in the hoax. In a mail you can tell by the number of forwards (lots of Fwd: in the title or >>> in the body) how many times a message has been forwarded before it reached you. Many if those will tell you that the message will no longer be fresh and the claimed problem not that acute.
A number of points in the content, that will help you recognize hoaxes. Not all of these have to be true, but usually most will be.
Another thing you can do, is copy & paste a significant piece of the warning and do an online search for it. From the results you might learn that the warning is a lot older then it claims to be. And with any luck you will see it listed as a known hoax. A long list of known hoaxes can be found at hoaxbusters.org and hoax-slayer.com
What is the goal?
Sometimes it is just the fun to play a trick on someone, but hoax mails could be used by spammers to gather email addresses. Since many people do not use the BCC option when forwarding these mails and the mail itself often travel in circles, spammers would be able to obtain many valid email addresses.
Another goal could be to hurt certain people. There are many hoaxes on Facebook, claiming that you should not add certain people to your friend list because you would get infected. These claims are obviously untrue. This type of warning should not be reposted.
And sometimes a hoax is spread to make a point. Consider for example the supposed move of “The Pirate Bay” to North Korea. They announced this was a hoax a few days later with the statement: “We’ve hopefully made clear (once again) that we don’t run TPB to make money. A profit hungry idiot (points at MAFIAA with a retractable baton) doesn’t tell the world that they have partnered with the most hated dictatorship in the world. We can play that stunt though, cause we’re still only in it for the f*in lulz and it doesn’t matter to us if thousands of users disband the ship. We’ve also learned that many of you need to be more critical. Even towards us. You can’t seriously cheer the “fact” that we moved our servers to bloody North Korea.”
Their point was that they felt they were threatened in the “free world”. They went to great lengths to make this hoax look real. They even made it look like their IP was in North Korea and changed their logo.
Pirate bay logo with the Korean flag on the sail
How can hoaxes be harmful to your computer?
The most well-known example was a hoax that circulated for years about the Bugbear virus. It urged people to remove the file JDBGMGR.EXE, a normal Windows file that happened to have an icon shaped like a bear.
Using this method more serious damage could be done, if the named file was more crucial then this Java debugger. And the fun for the source of the hoax would be the complaints on the internet by users who had compromised their own system.
Besides, what is the point of warning your contacts about a virus in this way. Advise them to install a decent AV plus Malwarebytes Anti-malware and to keep those updated. That helps a lot more. So if you have received a warning about a virus from someone, please do not send it to other persons just like that. Make sure that it is a legitimate warning, or otherwise contact someone who may be able to give you further advice on the message and the (possible) virus. This way we will work towards eradicating hoaxes from the Internet.
Hoaxes can even be harmful for your health, for example I recently read a hoax providing false information about removing ticks. Advising people to use water and soap rather than tweezers. This hoax is a perfect example of how they resurface after a while. I saw it in English in the beginning of 2011 and came across it in Dutch a few days ago. Personally, I don’t ask the poster to remove it. I think it is better to add a warning that it is a hoax. And if the poster doesn’t, then I will, especially in the cases where the hoax can potentially do harm.
Summary: don’t just forward anything without checking the validity of the statement. If you investigate the matter and you are still not sure, it is better to refrain from spreading it further. If there is validity behind the information, spreading it to your friends via a new and fresh e-mail or post, along with sources could alleviate any concerns they have about its legitimacy.