Protecting Against Hoaxes Part III
Helping users to understand what hoaxes look will go along way in protecting against them. Most e-mail hoaxes (and almost all of the really successful ones) come in several recognizable categories:
- The technical warning. Many successful hoaxes use highly technical language to describe a threat. The description is often complete nonsense.
- The Good Samaritan ploy. Hoaxes don’t just warn you of a mythical threat, they play on your desire to help your friends, or to appear important, and cajole you into sending the fake warning to everyone you know. This lends the warning an air of authenticity because it comes from someone users know.
- The too-good-to-be-true offer. Among other common ploys are those get rich quick schemes that clearly sound too good. They’re usually pretty stupid, but people fall for them every day.
The e-mail hoax is just the technological equivalent of the chain letter and follows the age-old three-part pattern of all successful cons:
- The hook
First, there will be an appeal to greed or compassion or the chance to show off by being the first to warn your friends. The hook is the virus warning, the dying child announcement, the offer to make Big Money at Home While Sleeping, or a similar catchy subject line that is expanded in the first several paragraphs if you open the e-mail. - The threat or warning
The message will quickly move on to warn of severe damage that could occur to your computer (or some other dire consequences that might befall you) if you don’t take a certain action. - The action
Although a few hoaxes will simply rely on your inherent desire to share good or bad news, nearly all of them will include a final plea to send copies of the original message to as many people as you can.
Certainly the most easy-to-identify feature shared by all hoaxes is this: They come in an e-mail, not from a trusted Web site or a mailing list you have subscribed to, but from an untrusted source. That should be such a gigantic red flag that no other warning is needed.
Protecting Against Hoaxes Part II
As you learned in the previous installment of this article, educating users is one way you can reduce the threat of hoaxes. Another way, which would also cut the number of incidents that you have to respond to, is to ban user access to outside e-mail accounts from work. This is usually done via Web mail, Outlook Express, or even users who’ve loaded AOL software on their work computers. You’ll get a lot of complaints about a policy like this at first, but you should point out that this is akin to the normal ban on personal phone calls at work, except for emergencies or other urgent incidents.
If you decide on such a policy, you will also have to remind workers that their company e-mail account is not private, and they should never use it for any non-business purpose. Make sure they understand that it’s for business use only, and that their account may be routinely accessed by others in the company for legitimate reasons, such as when they are out sick or on vacation.
A policy banning access to personal e-mail accounts, complete with rigorously enforced sanctions against violators, will not only eliminate many of the threats from time-wasting hoax e-mails, but will also help mitigate a cause of real virus and worm infections: Employees opening infected attachments disguised as everything from lottery tips to nude photos of some actress or actor.
Protecting Against Hoaxes Part I
Hoaxes can be a major drain on an IT department’s resources. Unfortunately, many hoaxes are simply time-wasting pranks intended to make fun of novice or clueless users, but others include instructions that, if followed, will wreak havoc on a personal system or even a network. And many of the hoax e-mails that don’t contain malicious payloads or damaging directions are used by spammers to collect new victims’ addresses.
Just because hoaxes may not contain anything damaging does not mean they should be ignored. Not only will they get you on spam lists, the original hoax can be hijacked and turned into a malicious attack.
As usual, educating users is the best way to combat any threats from hoaxes. One way to educate used is by having a detailed usage policy that all users have to read and follow. Part of the guide could be a brief explanation of the basic threats and problems faced by businesses using the Internet.
A brief introductory talk to staff and new workers covering the following topics would be suffice for most employees:
- Virus threats are not announced by e-mails. These are always hoaxes and the IT department is usually notified about new viruses long before you could get an e-mail warning.
- E-mail addresses can be hijacked. If a message appears to be from someone you trust but the message seems somehow odd, it is probably a fake message that was automatically forwarded by a virus.
- Never open any unexpected e-mail attachments.
- Never forward any virus threat e-mails or attempt to deal with the supposed threat by following instructions contained in an e-mail. Contact the IT department if you have a concern, and it will take any necessary actions.
© 1996-2006, Lockergnome LLC. ISSN: 1095-3965. All Rights Reserved. Please read our Privacy Policy and Terms of Service. Email newsletters powered by WhatCounts. Domain registered at GnomeDOMAINS. T-shirts and Screen Printing at CustomInk. Computer service from Comtec.
- Add to iTunes
- Add to YouTube
- Add to Google
- Add to Yahoo!
- Add to AOL
- Add to Bloglines
- Add to NewsGator
- Blog Feed
- Video Feed
- Audio Feed
- Live Feed
-
-
Search
-
About
Information Technology aid for Windows, Linux, and OS X users, solid SysAdmin advice, troubleshooting links, job assistance, and more for technology pros.
- Indianapolis Trees Provide $5.7M In Benefits
- Nanotechnology In Reverse Uses Cell To Calibrate Tools
- Adding Up Business And Energy
- NASA Study Links Earth Impacts To Human-Caused Climate Change
- Automatic Eyeglasses Prescriptions?
- MIT Creates New Material For Fuel Cells
- Teens Reach Linguistic Peak In Online Chat
- Studies Confirm Greenhouse Mechanisms Even Further Into Past
- Student Innovation Could Improve Data Storage, Magnetic Sensors
- Astronaut Health On Moon May Depend On Good Dusting
- Rensselaer Student Invents Alternative To Silicon Chip
- Prism Glasses Expand The View For Patients With Hemianopia
- Medicare Cuts Will Hurt Physicians In Small Practices
- Computer Game’s High Score Could Earn The Nobel Prize In Medicine
- UV Lotion Lights The Way To Cleaner Facilities
- First Steps Toward Autonomous Robot Surgeries
- Undergrad Has Sweet Success With Invention of Artificial Golgi
- Ponds Found To Take Up Carbon Like World’s Oceans
- High Fuel Prices Could Slash U.S. Emissions
- Socrates In The Classroom Develops Students’ Thinking
- Online Web Conferencing for Meetings
- Network Tools for Windows
- Trade in Your Cell Phones for Money
- Get Your Own Web Site
- Get a Free Audio Book
- VMware and Parallels for Virtual Machines
- Screenshots and Capture Software
- Shopping Coupons and Codes
-
Meta