pbn_logo.gif (6296 bytes)


Solutions: Educate Your Staff About Hoax Viruses

By Jeff Bloom & Rob Kay

It's bad enough nowadays with spammers, hackers and other nuisances on the Net. As if these aren't enough to keep your attention, we've noticed lately a plethora of virus hoax emails warning people to take unnecessary measures to protect themselves. The problem is many of the actions that these virus warnings instruct us to do, might actually wreak havoc on your PC.

Here's an example.

The other day we received an email appeared on the screen with the subject heading proclaiming "VIRUS WARNING". It looked legitimate enough. Here's how the message went:

Hi everyone,

My address book has been infected with a virus, and as a result, so has yours. The virus is named jdbgmgr.exe . It cannot be detected by Norton or McAfee anti-virus programs. It sits quietly for 14 days before damaging your system. It is sent automatically by messenger and by the address book, whether or not you sent e-mails.

The message went on to give a very detailed, numbered instruction list on how to get rid of the virus. For example our email said:

1. Go to "Start", then "Find" or "Search"
2. In "Files/folders", write the name jdbgmgr.exe
3. Be sure to search in your "C" drive
4. Click "Find" or "Search"
5. The virus has a small teddy bear logo with the name
jdbgmgr.exe 6. DO NOT OPEN IT
7. Right click and delete it

The final suggestion proclaimed in uppercase text that "IF YOU FIND THE VIRUS YOU MUST CONTACT EVERYONE IN YOUR ADDRESS BOOK." The writer went on to say that he or she was "Sorry for the inconvenience....but like most viruses...my computer got it from someone else's. It was easy to delete following the above directions." Certainly any conscientious individual would want to follow these instructions and make sure that your colleagues, friends and family on your email list don't' succumb to yet another virus.

However, don't be fooled. The moment you notice words to the effect that the virus "cannot be detected by Norton or McAfee" a red flag should go up. These companies represent the gold standard when it comes to anti-virus detection and most certainly would know about this issue. The main thing is not to delete any code unless an expert you know tells you to do so. If you were to delete what this message tells you to do, some web pages won't load correctly and you could be creating big problems for yourself.

Unfortunately there are dozens of virus hoaxes out there with names like AIDS, Antichrist, Discount Virus, Death69, ad nauseam. Many of them are attached to legitimate news events.

An issue that we see is that virus hoaxes might lead to what we call the "boy who cried wolf" syndrome. Ken Goldstein, a long time computer expert here in Hawaii, told us "Virus hoaxes may actually cause some users to routinely ignore all virus warning messages. Thus when a real virus comes along, and you believe it to be another phony, you're vulnerable to some really destructive code."

So what do you do? The next time you receive an urgent virus warning, be sure to check the list of known virus hoaxes below either on McAfee's hoax web site http://vil.mcafee.com/hoax.asp or on a similar site that Norton has set up at http://www.symantec.com/avcenter/hoax.html. A great site to visit that actually tracks virus hoaxes is http://www.vmyths.com/ which makes fascinating reading.

Keep in mind that virus writers are very clever and can use known hoaxes to their advantage. For example, AOL4FREE began as a hoax virus warning. Then somebody distributed a destructive "Trojan" attached to the original hoax virus warning!

The upshot is, tell your employees never delete program code or, open an email attachment even if it's from someone they know and trust.

Jeff Bloom, former SBA Small Business Person of the year, is the founder of CTA, a full service IT and HR solutions provider based in Honolulu. His contact is jeffb@cta.net or 839? 1200. Rob Kay is a Honolulu-based public relations practitioner who specializes in technology. He can be reached at rkay@pactechcom.com or 539-3627.

Published Jan 3, 2003

ruler3.gif (618 bytes)
Home / About Pac-Tech / PR Services / Clients / Clips--Hawaii--National