Don't fall for a virus hoax

November 23, 1999 Sophos Press Release

Contents

* What is a hoax?
* How do hoaxes cost money?
* How to prevent hoaxes from spreading in your company
* Keep yourself informed

What is a hoax?

Budweiser Frogs! Penpal Greetings! Give your cat a colonic! You may have received warnings about these "viruses"; if you did, you have been the victim of a virus hoax.

The Sophos helpdesk receives more calls about virus hoaxes than any individual real virus. Virus hoaxes are false reports about non-existent viruses, often claiming to do impossible things. Unfortunately some recipients occasionally believe a hoax to be a true virus warning and may take drastic action (such as shutting down their network).

Typically, hoaxes are emails which describe a dangerous new undetectable virus, usually using bogus technical terms. Hoaxes often ask you to avoid reading or downloading emails that have a particular subject line. Examples include Budweiser Frogs, It Takes Guts to Say Jesus, and Join the Crew.

For instance, the Good Times hoax claims to put your computer's CPU in "an nth-complexity infinite binary loop which can severely damage the processor". The hoax warns you not to read or download anything with the subject "Good Times" because the message is a virus. It then urges you to forward the warning to as many people as possible.

How do hoaxes cost money?

Although no official research has been done on the subject, it is estimated that hoaxes can cost you even more than a genuine virus incident. After all, no anti-virus will detect hoaxes because they aren't viruses. Some companies panic when they receive a hoax virus warning and assume the worst - making the situation much worse.

The amount of email that a typical hoax can generate is also a cost to organisations. Once a few people in your company have received a warning and mailed it to all their friends and colleagues, a mail overload can easily result.

How to prevent hoaxes from spreading in your company

Your company may like to consider circulating a policy on virus hoaxes to your staff, in an attempt to reduce the costs involved.

Here is an example policy you could use:

"You shall not forward any virus warnings of any kind to *anyone* other than <insert name of the department or staff member who looks after anti-virus issues>. It doesn't matter if the virus warnings have come from an anti-virus vendor or been confirmed by any large computer company or your best friend. *All* virus warnings should be sent to <insert name>, and <insert name> alone. It is <insert name>'s job to send round all virus warnings, and a virus warning which comes from any other source should be ignored."

Keep yourself informed

Sophos provides a number of resources which can help you reduce the costs associated with virus hoaxes.

Sophos offers a free hoax info feed which allows you to display "always-fresh" information on your website or intranet about the most prevalent hoaxes. By using the feed from Sophos you can ensure your website carries useful, up-to-the-minute data on the "hottest" hoaxes with very little effort.

Sophos also recommends you visit the section of our website devoted to debunking virus hoaxes: Sophos describes hoaxes and scares.