How to identify a Hoax Virus Warning

What to do if you receive a Virus Warning

FIRST, CHECK with
Google http://www.google.com
McAfee http://www.mcafee.com
Sophos http://www.sophos.com
Symantec http://www.symantec.com
to see if it is a hoax.

SECONDLY, sign up for McAfee's Virus Warning Emails so you can ignore all the others.

THIRDLY, delete it without forwarding it to anybody.

There are several methods to identify virus hoaxes, but first consider what makes a successful hoax on the Internet. There are two known factors that make a successful virus hoax, they are:

1. technical sounding language, and

2. credibility by association.

When we say credibility by association we are referring to who sent the warning. If the janitor at a large technological organization sends a warning to someone outside of that organization, people on the outside tend to believe the warning because the company should know about those things. Even though the person sending the warning may not have a clue what he is talking about, the prestige of the company backs the warning, making it appear real. If a manager at the company sends the warning, the message is doubly backed by the company's and the manager's reputations.

Individuals should also be especially alert if the warning urges you to pass it on to your friends.

This should raise a red flag that the warning may be a hoax.

Another flag to watch for is when the warning indicates that it is a Federal Communication Commission (FCC) warning. According to the FCC, they have not and never will disseminate warnings on viruses. It is not part of their job.

DO NOT circulate virus warnings without first checking with an authoritative source.

Authoritative sources are your computer system security administrator or a computer incident advisory team. Real warnings about viruses and other network problems are issued by different response teams. If you download a warning from a web site or validate the PGP signature, you can usually be assured that the warning is real. Warnings without the name of the person sending the original notice, or warnings with names, addresses and phone numbers that do not actually exist are probably hoaxes.

PC Security

You are right to be concerned about Computer Security if you connect to the internet. My computer is secured with Symantec's Norton SystemWorks - AntiVirus, Firewall and LiveUpdate, so I'm AUTOMATICALLY made safe as soon as new viruses appear.

I have personally received DOZENS of emailed viruses (7 in the first 4 months of 2004) but none has harmed my computer or my data. If you are not aware of Trojan Horse viruses, the chances are your computer is wide open to potential attack from malicious hackers or harmful viruses.

If you think you've got a virus.

For a FREE CHECK on your computer security, visit this web site.

Ensure that your PC has a major company's security software.
Recommendations:
Buy and install Symantec SystemWorks or Norton Internet Security
KEEP Antivirus definitions UPDATED with automatic LiveUpdate
Keep the software up to date with LiveUpdate
Amazon.co.uk teamed up with Symantec to launch a new shop, packed with special offers. Fix Windows problems at the click of a button - make your Internet connection safe - protect your data.


Visit the Symantec Shop at Amazon.co.uk (see sidebar).

Advice on creating and using passwords

  • Never use a password that is easily guessed by those who know you, e.g. don't use names of members of your family or pets.
  • Never use a numerical password that is associated with you publicly, e.g. don't use your telephone number.
  • Never use a mixed number/letter password that is associated with you publicly, e.g. don't use your present vehicle registration plate.
  • Never use your name or User ID also as your password - or "Fred" or "Password!"
  • Never use passwords containing complete words, in any language.
  • Never let anyone see what you are typing - either from the screen or the keyboard - when logging on in a public place such as an Internet Cafe.
  • Never tell anyone your password. Did you know that someone can copy or remove your email before you get to it, if they know your ISP logon and password?
  • Never re-use the same password you have used the previous twelve times.
  • Never post or write down your password in obvious places.
  • Never embed your password in any automated logon procedure.


Good Practices, if the system allows it:

Change your password at least every 90 days.
Use a password that contains a combination of numbers and letters -
Use six characters or more.
Make your password complicated but easy for your to remember.
When creating your password, think of a memorable phrase, e E.g. "The Quick Brown Fox Jumps Over The Lazy Dog" Use the first letter of each word and convert some into numbers that resemble letters, such as in this example: tq6fj0tld. Some systems differentiate between UPPERCASE and lowercase characters, so mix some of those in, too, where possible, e.g. Tq6fj0TLd
Amazingly, one well-known UK Bank forces letters-only passwords, while another provides you with an unchangeable password that is all numbers!

Scams to collect or confirm your email address

Do not reply, unless you WANT to give them your confirmed email address...

Ever wondered how people get your email address? One way is simple - they use 'harvesting' software to trawl the world wide web pages - find @ signs, and, hey presto, they have millions of email addresses. Some CDs of address lists are compiled in this way. These can be sold to people who like to "spam" - or send genuine unsolicited commercial email (UCE).

Since I installed Norton Personal Firewall, I have been amazed at how many emails that arrive as a "web page" are being used to collect my email address. They don't get it from me because Norton Personal Firewall allows me to "block" sending email addresses to the requesting web site.

I wholeheartedly recommend you install Norton Personal Firewall.

One problem is that the email addresses are not confirmed, so this type of business would like you to CONFIRM that your email is correct and that it is ACTIVE. So, a company who is doing this just for the email-list business, or selling email addresses as a side-line revenue, may send you an innocuous email which ends with something like...

"If you do not wish to receive this regular free report, simply reply and type REMOVE in the subject box, to listmanager@aaaaaaaaa.com
Thank you."
The only reason they want you to reply is to turn their "possible" email address they have for you, into a "confirmed and active" email address, which is much more saleable! If you don't want them to gain from confirming your email address, simply delete the email.

Top 9 security tips.

I also recommend Zone Alarm a free firewall.
Download here.

And Mail Washer another freebie, but very effective.
MailWasher Free
Or if you have more than one email address try Mailwasher-pro well worth the upgrade.

If you ever need to know when an email has been recieved try

Another freebie but worth upgrading if you use email alot.