So I get into work this morning, pour me my hot cup of Joe, and fix up my bowl of oatmeal. Like many people, I am just not in the mood for shenanigans for the first 30 minutes or so of work. Anyhoo, I open my email and there it was, a message from one of the office managers at one of our field offices asking me if everyone was aware of a virus she was "warned" about in an email. Now, to the simple
loser...errr...user, this looks like a legit email. I mean Snopes.com "confirmed" it and everything.
Ugghhhh! I hate to break it to some of you, but Snopes isn't really an internet security authority. They have some fun info on Urban legends, but for virus warnings and what not, you need to turn to industry leaders for the real scoop. Companies like Trend Micro, McAfee and the like have indexes of hoax emails where you can check stuff like that without perpetuating the problem by sending out more bogus emails and getting people worried unnecessarily.
Marc Fossi of Symantec said it best when he wrote:
Who cares about a few extra hoax messages zipping around these sites? It’s their bandwidth and not yours after all. Well, the big deal seems to be with where people are placing their trust. They’re trusting that messages they get through these sites are authoritative and legitimate. They also trust links and applications they see on their friends’ profile pages. So what happens when one of these hoax messages also includes a link to a program that will “detect and remove” some super virus from your computer? How many people will follow that link only to have it lead to a page that exploits some Web browser vulnerability to install a real malicious program?
So what's the moral of the story? Same as it ever was:
- Always remain vigilant
- Never open a suspicious attachment
- DON'T FORWARD HOAX EMAILS!