With the increase growth of viruses and Trojan programs, many users have used the Internet as a tool to warn distant friends and co-workers. However, recently there has also been a growth of Virus Hoax Warnings. These warnings often describe fantastical and often impossible virus or Trojan program characteristics.
Click Here for information on Questionable Attachments
Norton Anti-Virus Removal Tools here
Questionable Addresses
Some messages (with infected attachments) may come in with a
questionable
sender address or 'hidden' recipient list. If you should receive
a message where the sender's name is prepended by an underscore (_),
that message may very well be suspect. The sender won't know they're
infected.
Also be wary of messages addressed to "undisclosed recipients".
Blind
copying is an accepted method of transmittal but the undisclosed
phrase is questionable.
Undeliverable message 'warnings'
From time to time, you may get a message stating that your message was undeliverable. However the recipient in the returned message may be unknown to you. Due to the nature of the more recent worm infections, it is very unlikely that your system was involved particularly if your anti-virus installation is up-to-date.
When the host is infected, the worm will randomly grab names from that system's addressbook (MS Outlook) and send itself to the names it has picked. It will also use one of the names it found as the sender. Thus when you have received an undeliverable message, it was your name entry from the infected computer that was actually transmitted.
Be also aware that there is a very good chance that an infected attachment may also has been forwarded to you. Look at the message size on the right side of the Netscape message list. The KLEZ worm will display a message size of about 130Kbytes. Bugbear may be around 70kbytes. These are the current common ones, but worm infected attachments can take all sizes. The give away is in the name of the attachment. Periodic broadcasts regarding the emergence of worms are made and include general descriptions on what to look out for. In addition, an attachment with one of the following extensions should be avoided:
BAT, COM, EXE Program
Applications
PIF,
LNK
Program Shortcuts
VBS,
VB
Visual Basic Script
SCR
Screen Saver
ZI
Part name of ZIP
PLUS:
REG, CHM, CNF, HTA, INS, JSE,
MA?, SCF, SCT, SHB,
SHS, WS?, XNK, CMD, CPL
Don't even think of opening them. Of course, if you do, we reserve the right to exclaim 'We told you so'.
ZIP File Archives - the ZIP file may not be the problem but what's in it can be. Save and Scan first.
Some things to remember when receiving or reading e-mail messages:
1.If you receive an e-mail with an attached file from an unknown source, simply delete it. You wouldn't let a stranger in your house, why would you let a stranger in your computer.
2.Simply reading an e-mail message will not infect you. There must be an attached file in order to infect you.
3.Viruses and Trojan programs must have code that is executed in order to infect. If you "double-click" an attached file on an e-mail message, you are executing this code and may infect your machine.
4. If someone sends you a program to 'clean' your system
because
they claim they may have sent you something, IGNORE the message
and DO NOT open the attachment. IF you are provided with
a
link to McAfee, NORTON, or one of the more popular anti-virus vendors,
you may proceed.
Virus Hoaxes and UrbanLegends
For a commentary on Hoaxes click here
Please ignore any messages received regarding the supposed "viruses" or "promotional gimmicks" listed below. They all contain bogus information, and are intended only to frighten or confuse users. The list below is a reproduction of the messages. Please refer to the list whenever you receive what appears to be a bogus message regarding a new virus, promotion, or the like.
Note: It's impossible to keep up, so....
For a up-to-date version of this list please go to
http://securityresponse.symantec.com/avcenter/hoax.html
SPAM or HOAX Killing Sites:
VMyths (formerly KUMITE.COM/myths)
URBANLEGENDS
"Break the Chain"
(NEW)
Snopes Urban
Legends Reference Pages
Scambusters
Legends
page
Datafellows
NAI
Symantec
CERT
Hoaxkill service
Internet Scambusters
Virus Hoaxes
Sophos.com/virusinfo/infofeed/more.html
Hoax Info
Yahoo
Urban Legends Page
Click on Thirteen Things you should know about hoaxes and the like.
And a quick rule of thumb:
Beware
any file sent by someone you don't know.
Beware
any file sent by someone you DO know,
particularly
if you weren't aware it was coming.
Remember... the data you save may be your own.
As always, if you should receive or see an announcement on a
virus
or trojan or worm, please do not hesitate to contact someone for help
or
check one of the sites listed above. You do NOT have to forward
the
message to a hundred of your friends - some of them may become
ex-friends.
Check first.
This page updated August 01, 2010