The hoax claims that an Elf Bowling game (known as ELFBOWL.EXE)
or a Frog catapulting game (known as FROGAPULT.EXE or FROGPULT.EXE)
are infected with a virus.
Here is the text of the hoax:
IF YOU HAVE RECEIVED ANY OF THESE GAMES =
FROGAPULT.EXE ELFBOWL.EXE (FROG GAME) & (ELFBOWLING GAME)
PLEASE CAN YOU DELETE THEM COMPLETELY OUT OF YOUR SYSTEM
AS THEY BOTH HAVE A DELAYED VIRUS ATTACHED TO THEM THAT WILL
BE ACTIVATED ON CHRISTMAS DAY AND WILL WIPE OUT YOUR SYSTEM.
LET EVERYONE KNOW OF THIS.
Another version of the hoax reads:
If anyone has sent you, a game called "elfbowl.exe"
(cool> game, tenpin bowling with little elves as pins),
it apparently has a virus that will be activated on
December 25th. Either take a risk, or delete before then.
At the time of writing Sophos researchers have not encountered
an infected copy of either of these multimedia games. However,
it is perfectly feasible for either of the programs to be infected by
a virus at a later date and redistributed (either deliberately or
accidentally) via email.
Sophos recommends companies consider a rule of not allowing
users to receive and send executable files, without authorization.
Users may complain that they are no longer able to share computer
games, greetings cards and "amusing" joke programs but it will
reduce their chances of being infected by a computer virus.