They are there in your inbox when you wake up. You get more during the day. They are with you late at night. “They” are spam—the e-mail messages that are either pure junk or an Internet hoax. Even though you may know it is a hoax, some of us invariably keep getting sucked in and pass these e-mails on to our friends, thinking we are doing a good deed. Let’s take a little deeper look at these daily e-mails that clog up our inbox.
Internet hoaxes and chain letters are e-mail messages written with one purpose—to be sent to everyone you know. The messages they contain are usually untrue. A few of the sympathy messages do indeed describe a real situation, but that situation was usually resolved years ago, so the message is not valid and has not been valid for many years. Hoax messages try to get you to pass them on to everyone you know by using several different methods of social engineering.
Most of the hoax messages play on your need to help other people. Who wouldn’t want to warn friends about some terrible virus that is destroying people’s systems? Or, how could you not want to help a poor little girl who is about to die from cancer? It is hard to say no to these messages when you first see them, though after a few thousand have passed through your mailbox, you hopefully learn to delete them without even looking.
Chain letters are lumped in with hoax messages because they have the same purpose but use a slightly different method of coercing you into passing them on to everyone you know. Chain letters, like their printed ancestors, generally offer luck or money if you send them on. They play on your fear of bad luck and the realization that it is almost trivial for you to send them on. This is true even more so with e-mail than with regular mail because it is easy to just hit a button and pass it on to all of your friends. The chain letters that deal in money play on people’s greed and are illegal no matter what they say in the letter.
People send chain letters for a variety of reasons. Only the original writer knows the real reason, but some possibilities are (1) to see how far a letter will go, (2) to harass another person (by including an e-mail address and asking everyone to send e-mail to the targeted person), (3) to bilk money out of people using a pyramid scheme, (4) to kill some other chain letter, or (5) to damage a person’s or organization’s reputation.
HOW TO RECOGNIZE A HOAX
Probably the first thing you should notice in a warning message is the request to “send this to everyone you know” or some variation of that statement. This should raise a red flag that the warning is probably a hoax. No real warning message from a credible source will tell you to send this to everyone you know.
Next, look at what makes a successful hoax. There are 2 known factors that comprise a successful hoax: the persuasiveness of its technical-sounding language or its credibility via association. If the warning uses the proper technical jargon, most people, including technologically savvy people, tend to believe the warning is real. For example, a warning says that “if the program is not stopped, the computer’s processor will be placed in an nth-complexity infinite binary loop, which can severely damage the processor”. The first time you read this, it sounds like it might be something real. With a little research, you find that there is no such thing as an nth-complexity infinite binary loop and that processors are designed to run loops for weeks at a time without damage.
Credibility by association refers to who sent the warning. If a low-level employee at a large technological organization sends a warning to someone outside the organization, people on the outside tend to believe the warning because the company should know about those things. Even though the person sending the warning may not have a clue to what he is talking about, the prestige of the company backs the warning, making it appear real.
If a manager at the company sends the warning, the message is doubly backed by the company’s and the manager’s reputations.
Both of these items make it difficult to claim a warning is a hoax, so you must do your homework to see if the claims are real and if the person sending the warning is a real person and is someone who would know what they are talking about. You do need to be careful verifying the person since the apparent author may be a real person who has nothing to do with the hoax. If thousands of people start sending these people mail asking if the message is real, it essentially constitutes an unintentional denial of service attack on that person. Check the person’s company Web site to see if the hoax has been responded to there.
The best place to check Internet scams is at these Web sites: snopes.com or urbanlegends.com. An urban legend is another form of an Internet hoax. It appears mysteriously and spreads spontaneously in varying forms and contain elements of truth and untruths. Urban legends usually make for good storytelling and do not have to be totally false, although most are. Most urban legends often have a basis in fact, but it’s their life after the fact that gives them particular interest. These Web sites are quite interesting to monitor—you just won’t believe some of the “legends” that we believe and perpetuate!
RECOGNIZING A CHAIN LETTER
Chain letters and most hoax messages all have a similar pattern. From the older printed letters to the newer electronic kind, they all have 3 recognizable parts: a hook, a threat, and a request.
First, there is a hook, to catch your interest and get you to read the rest of the letter. Common hooks are “Make Money Fast” or “Get Rich” or similar statements related to making money for little or no work. Electronic chain letters also use the “free money” type of hook but have added hooks like “Danger!” and “Virus Alert” or “A Little Girl Is Dying.” These tie into our fear for the survival of our computers or into our sympathy for some poor unfortunate person.
When you are hooked, you read on to the threat. Most threats used to warn you about the terrible things that will happen if you do not maintain the chain. However, others play on greed or sympathy to get you to pass the letter on. The threat often contains official- or technical-sounding language to get you to believe it is real.
Finally, the request. Some older chain letters ask you to mail a dollar to the top 10 names on the letter and then pass it on. The electronic ones simply admonish you to “distribute this letter to as many people as possible.” They never mention clogging the Internet or the fact that the message is a fake; they only want you to pass it on to others.
Chain letters usually do not have the name and contact information of the original sender, so it is impossible to check on their authenticity. Legitimate warnings and solicitations will always have complete contact information from the person sending the message and will often be signed with a cryptographic signature such as PGP, to assure its authenticity. Many of the newer chain letters do have a person’s name and contact information, but this person either does not really exist or does exist but does not have anything to do with the hoax message.
For example, the PENPAL GREETINGS! hoax shown below appears to be an attempt to kill an e-mail chain letter. As you study this example, note that this chain letter is a hoax because reading a text-only e-mail message does not execute a virus nor does it execute any attachments; therefore the Trojan Horse must be self- starting. Aside from the fact that a program cannot start itself, the Trojan Horse would have to know about every different kind of e-mail program to be able to forward copies of itself to other people. Notice the 3 parts of a chain letter, which are easy to identify in this example.
Subject: Virus Alert
If anyone receives mail entitled: PENPAL GREETINGS! delete it without reading it. Below is an explanation of the message and what it would do to your PC if you were to read it. If you have any questions or concerns, please contact SAF-IA Info Office at 697-5059.
This is a warning for all Internet users—there is a dangerous virus propagating across the Internet through an e-mail message entitled “PENPAL GREETINGS!”
Do not download any message entitled “PENPAL GREETINGS!”
This message appears to be a friendly letter asking you if you are interested in a penpal, but by the time you read this letter, it is too late. The Trojan Horse virus will have already infected the boot sector of your hard drive, destroying all of the data. It is a self-replicating virus, and once the message is read, it will automatically forward itself to anyone whose e-mail address is present in your mailbox! This virus will destroy your hard drive and holds the potential to destroy the hard drive of anyone whose mail is in your inbox (and whose mail is in their inbox, and so on). If this virus remains unchecked, it has the potential to do a great deal of damage to computer networks worldwide. Please, delete the message entitled “PENPAL GREETINGS!” as soon as you see it!
Pass this message along to all your friends and relatives and to the readers of the newsgroups and mailing lists which you are on so they are not hurt by this dangerous virus.
WHAT TO DO WHEN YOU RECEIVE A WARNING
Upon receiving a warning, you should examine its signature to see that it is from a real response team or antivirus organization. If there is no signature, check at the hoax sites listed above to see if the warning has already been declared as a hoax. If you do not find the warning at the hoax sites, it just may mean that they have not yet seen this particular hoax. When in doubt, check it out and don’t send it out!
Internet hoaxes, urban legends, and chain letters are annoying and frustrating. Your best defense is to ignore and delete them as soon as you see them. We have learned over time how to go through our regular mail and throw the junk mail out without opening it. Let’s learn how to do the same with Internet junk e-mail.