Hoax e-mail messages carry dangerous payload

Hoax e-mail messages carry dangerous payload

Have you ever received an e-mail message warning you of a destructive screensaver featuring the Budweiser frogs? Or, how about a message instructing you to search for and delete a SULFNBK.EXE file?

FOR MORE INFORMATION:
SearchSecurity news exclusive: "Think your e-mail is secure? Think again"

SearchSecurity technical tip: "E-mail security: Defending the server


Feedback on this story? Send your comments to Assistant News Editor Edward Hurley

Both messages are common examples of e-mail hoaxes. These creations rely purely on social engineering, not technology, to spread. While many are just nuisances, others such as the SULFNBK.EXE hoax, encourage recipients to make system changes.

SULFNBK.EXE arrives as a warning that the recipient may have a virus on their computer. It then instructs them on how to find the "virus" on their hard drive. Then the warning says to delete the file. Actually, the file is a system utility for handling files with long names, said Chris Wraight, technology consultant at Sophos. This utility is not required for running Windows but it's necessary to restore long files names if they are damaged or corrupted.

Beyond doing actual damage, these warnings distract users and IT departments away from more pressing work. Hoaxes can actually be more costly than some viruses as IT departments respond according to their procedures as though it was a virus, said Carey Nachenberg, chief architect for Symantec Security Response team.

Nachenberg warns to be wary of e-mail from official-sounding sources or a software company. For example, the Budweiser frog screensaver warning purports to come from Microsoft. "AOL has said that this is a very dangerous virus and that there is NO remedy for it at this time," the message also said.

False warnings often contain a lot of spelling and grammatical errors. These warnings may contain a lot technical babble that wouldn't make sense to technical people.

Another hoax, called Good Times, for example, said: "If the program is not stopped, the computer's processor will be placed in an nth-complexity infinite binary loop -which can severely damage the processor if left running that way too long." Good Times is an e-mail-based hoax that dates back to 1994. It warns against a bogus virus called "Good Times" that could erase hard drives.

"That makes no sense," Nachenberg said.

Look for lots of misspelling or bad grammar. Also, be suspicious of messages that specifically ask you to pass on the messages to your friends.

The Budweiser frog message said: "Please share it with everyone that might access the Internet. Once again, Pass This Along To EVERYONE in your address book so that this may be stopped."

Users who receive any warnings should check with their anti-virus companies or better yet forward these messages to their IT department. This is especially important for warnings that ask the user to make system changes.

"Nine times of out 10, the IT department will probably administer any system changes for you," Wraight said.

Dig deeper on Email and Messaging Threats (spam, phishing, instant messaging)

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close