A computer virus hoax is a message warning the recipient of a non-existent computer virus threat. The message is usually a chain e-mail that tells the recipient to forward it to everyone they know.
Contents |
Most hoaxes are sensational in nature and easily identified by the fact that they indicate that the virus will do nearly impossible things, like blow up the recipient's computer and set it on fire, or less sensationally, delete everything on the user's computer. They often include fake announcements claimed to originate from reputable organizations such as Microsoft, IBM or McAfee together with news media such as CNN. These bogus sources are quoted in order to give the hoax more credibility. Typically, the warnings use emotive language, stress the urgent nature of the threat and encourage readers to forward the message to other people as soon as possible.
Virus hoaxes are usually harmless and accomplish nothing more than annoying people who identify it as a hoax and waste the time of people who forward the message. Nevertheless, a number of hoaxes have warned users that vital system files are viruses and encourage the user to delete the file, possibly damaging the system. Examples of this type include the jdbgmgr.exe virus hoax and the SULFNBK.EXE hoax.[1][2]
Some consider virus hoaxes and other chain e-mails to be a computer worm in and of themselves. They replicate by social engineering—exploiting users' concern, ignorance, and disinclination to investigate before acting.
Hoaxes are distinct from computer pranks, which are harmless programs that perform unwanted and annoying actions on a computer, such as randomly moving the mouse, turning the screen display upside down, etc.
Anti-virus specialists agree that recipients should delete virus hoaxes when they receive them, instead of forwarding them.[3][4]
McAfee says:
We are advising users who receive the email to delete it and DO NOT pass it on as this is how an email HOAX propagates.[3]
F-Secure recommends:
Do not forward hoax messages.
Hoax warnings are typically scare alerts started by malicious people – and passed on by innocent individuals that think they are helping the community by spreading the warning.
Corporate users can get rid of the hoax problem by simply setting a strict company guideline: End users must not forward virus alarms. Ever. It's not the job of an end user anyway. If such message is received, end users could forward it to the IT department but not to anyone else.[4]
Name | Alias(es) | Origin | Author | Description |
---|---|---|---|---|
Antichrist | (none) | Monmouth(uk) | Dylan Nicholas | This is a hoax that warned about a supposed virus discovered by Microsoft and McAfee named "Antichrist", telling the user that it is installed via an e-mail with the subject line: "SURPRISE?!!!!!!!!!!" after which it destroys the zeroth sector of the hard disk, rendering it unusable.[5] |
Budweiser Frogs | BUDSAVER.EXE | Unknown | Unknown | Supposedly would erase the user's hard drive and steal the user's screen name and password.[6] |
Goodtimes virus | (none) | Unknown | Unknown | Warnings about a computer virus named "Good Times" began being passed around among Internet users in 1994. The Goodtimes virus was supposedly transmitted via an email bearing the subject header "Good Times" or "Goodtimes," hence the virus's name, and the warning recommended deleting any such email unread. The virus described in the warnings did not exist, but the warnings themselves, were, in effect, virus-like.[7] |
Invitation attachment (computer virus hoax) | (Allright now/I'm just sayin) | Michiana Shores, Long Beach, Jamestown Manor, Michigan City (IN), Schaumburg (IL) | Jim Flanagan | The invitation virus hoax involved an e-mail spam in 2006 that advised computer users to delete an email, with any type of attachment that stated "invitation" because it was a computer virus. This is also known as the Olympic Torch virus hoax (see below).[8] |
Jdbgmgr.exe | (bear.a) | Unknown | Unknown | The jdbgmgr.exe virus hoax involved an e-mail spam in 2002 that advised computer users to delete a file named jdbgmgr.exe because it was a computer virus. jdbgmgr.exe, which had a little teddy bear-like icon (The Microsoft Bear), was actually a valid Microsoft Windows file, the Debugger Registrar for Java (also known as Java Debug Manager, hence jdbgmgr).[1] |
Life is beautiful | Life is wonderful | Unknown | Supposedly, a hacker with the alias "Life owner" or "Dono da vida" | The hoax was spread through the Internet around January 2001 in Brazil. It told of a virus attached to an e-mail, which was spread around the Internet. The attached file was supposedly called "Life is beautiful.pps" or "La vita è bella.pps".[9] |
NVISION DESIGN, INC. games ("Frogapult," "Elfbowl") | Sometimes included their other game "Y2KGame" | Unknown | Unknown | Programs were actual, legitimate computer games; author claimed that they were viruses which would "wipe out" the user's hard drive on Christmas Day.[10] |
Olympic Torch | Postcard or Postcard from Hallmark | Unknown | Unknown | Olympic Torch is a computer virus hoax sent out by e-mail. The hoax e-mails first appeared in February 2006. The "virus" referred to by the e-mail does not actually exist. The hoax e-mail warns recipients of a recent outbreak of "Olympic Torch" viruses, contained in e-mails titled "Invitation", which erase the hard disk of the user's computer when opened. The hoax email further purports the virus to be acknowledged by such reputable sources as CNN, McAfee and Microsoft as one of the most dangerous viruses yet reported.
Of course this email, which was started in February 2006, is safe to delete when you want.[8] |
SULFNBK.EXE Warning | none | Unknown | Unknown | SULFNBK.EXE (short for Setup Utility for Long File Name Backup) is an internal component of the Microsoft Windows operating system (in Windows 98 and Windows Me) for restoring long file names. The component became famous in the early 2000s as the subject of an e-mail hoax. The hoax claimed that SULFNBK.EXE was a virus, and contained instructions to locate and delete the file. While the instructions worked, they were needless and (in some rare cases, for example, when the long file names are damaged and need to be restored) can cause disruptions, as SULFNBK.EXE is not a virus, but instead an operating system component.[2] |
The virus hoax has become part of the culture of the twenty-first century and the gullibility of novice computer users convinced to delete files on the basis of hoaxes has been parodied in several popular jokes and songs.
One such parody is "Weird Al" Yankovic's song "Virus Alert" from the album Straight Outta Lynwood. The song makes fun of the exaggerated claims that are made in virus hoaxes, such as legally changing your name.[11]
Another parody of virus hoaxes is the honor system virus which has been circulated under the name Amish Computer Virus, manual virus, the Blond Computer Virus, the Irish Computer Virus, the Syrian Computer Virus, the Norwegian Computer Virus, Newfie Virus, the Unix Computer Virus, the Mac OS 9 virus, Discount virus and many others. This joke email claims to be authored by the Amish or other similar low-technology population who have no computers, programming skills or electricity to create viruses and thus ask you to delete your own hard drive contents manually after forwarding the message to your friends.[12]
The Tuxissa virus is another parody of the virus hoax, based on the concept of the Melissa virus, but with its aim of installing Linux on the victim's computer without the owner's permission. The story says that it was spread via e-mail, contained in a message titled "Important Message About Windows Security". It was supposed to first spread the virus to other computers, then download a stripped-down version of Slackware and uncompress it onto the hard disk. The Windows Registry is finally deleted and the boot options changed. Then the virus removes itself when it reboots the computer at the end, with the user facing the Linux login prompt and all his Windows security problems solved for him.[13]