Hoaxes

Some viruses are perpetuated by human means rather than by software means.

It is increasingly common for e-mail users to receive warnings about viruses that do not exist, urging them to follow enclosed instructions and to forward them to everyone they know. In response, the unsuspecting users follow the instructions to delete certain files, which actually has the effect of damaging their computer's operations. Thus, users are tricked into inflicting damage on their own computer.

Here, the underlying mechanism is a shrewd one: a viral idea moves from the message into the reader's mind, which, if the reader acts on the message and forwards it to everyone they know, also serves to replicate the message. Such messages that behave like an idea-virus are known as memes.

E-mail chain letters work according to the same mechanism. In this case, they prey upon human emotions:

  • sympathy ("Please send an e-mail message to this dying boy, and forward this message to everyone you know.")
  • greed ("Every tenth person who forwards this will receive a free trip to Disneyland!")
  • revenge ("I was billed $250 instead of $2.50 for this cake recipe; please forward it to everyone you know so that I can get back at Niemann-Marcus.")
  • justice ("Please add your name to this petition to save PBS and forward it to everyone you know.")
  • fear ("If you are visiting the Chicago area, look out! There are gangs that drive with their lights off at dusk and will run off the road and kill any other drivers who flash their headlights to signal to them that their lights are off!")
  • spirtuality ("Send this prayer request to everyone you know.")

What's so bad about e-mail chain letters?

Phishing

Phishing is a fraudulent attempt to acquire personal information by posing as a legitimate organization (usually a bank or eBay). In a sense, these frauds are "fishing" for account numbers and passwords. The most common phishing approach is to send official-looking e-mails that link to official-looking webpages asking people to update or confirm account numbers and passwords. These scams used to be easy to identify, as they usually contained numerous misspellings, grammatical errors, or inappropriate wording (would your bank address you as "Dear Honey"?), but now the e-mails and phony webpages look increasingly genuine.

As a general rule, never log in to your account at a bank, eBay, Amazon.com, etc., via a link in an e-mail that claims to have been sent by them: always open up a Web browser and go to the site directly (though even this not always safe: using "pharming," some criminals can alter Internet settings so that you are automatically redirected to their phony—but genuine-looking—website).

For more information on phishing, see Microsoft's website.

Previous Page Next Page

 

 

 


This chapter was written by Jeff Nyhoff and Joel Adams. Copy editing by Nancy Zylstra
©2005 Calvin University (formerly Calvin College), All Rights Reserved

If you encounter technical errors, contact computing@calvin.edu.