I don’t get particularly upset about spam email. I just delete it and move on. Chain letters and hoaxes can fall into this category. Lot’s of times you also get them from well meaning people you know. These are dire warnings about devastating new viruses, Trojans, and malicious software. Often you get messages about free money, children in trouble, and other items designed to grab you and get you to forward the message to everyone you know. You have to be careful not to perpetuate a hoax, especially when that tells you to do something, especially something that might damage your computer.
Here are some tips from an old Computer Incident Advisory Capability (CIAC) website story that I had in my files.
How to Recognize a Hoax
Probably the first thing you should notice about a warning is the request to “send this to everyone you know” or some variant of that statement. This should raise a red flag that the warning is probably a hoax. No real warning message from a credible source will tell you to send this to everyone you know.
Next, look at what makes a successful hoax. There are two known factors that make a successful hoax, they are:
(1) technical sounding language.
(2) credibility by association.
If the warning uses the proper technical jargon, most individuals, including technologically savvy individuals, tend to believe the warning is real. For example, the Good Times hoax says that “…if the program is not stopped, the computer’s processor will be placed in an nth-complexity infinite binary loop which can severely damage the processor…”. The first time you read this, it sounds like it might be something real. With a little research, you find that there is no such thing as an nth-complexity infinite binary loop and that processors are designed to run loops for weeks at a time without damage.
When we say credibility by association we are referring to who sent the warning. If the janitor at a large technological organization sends a warning to someone outside of that organization, people on the outside tend to believe the warning because the company should know about those things. Even though the person sending the warning may not have a clue what he is talking about, the prestige of the company backs the warning, making it appear real. If a manager at the company sends the warning, the message is doubly backed by the company’s and the manager’s reputations.
Recognizing a Chain Letter
Chain letters and most hoax messages all have a similar pattern. From the older printed letters to the newer electronic kind, they all have three recognizable parts:
· A hook.
· A threat.
· A request.
First, there is a hook, to catch your interest and get you to read the rest of the letter. Hooks used to be “Make Money Fast” or “Get Rich” or similar statements related to making money for little or no work. Electronic chain letters also use the “free money” type of hooks, but have added hooks like “Danger!” and “Virus Alert” or “A Little Girl Is Dying”. These tie into our fear for the survival of our computers or into our sympathy for some poor unfortunate person.
When you are hooked, you read on to the threat. Most threats used to warn you about the terrible things that will happen if you do not maintain the chain. However, others play on greed or sympathy to get you to pass the letter on. The threat often contains official or technical sounding language to get you to believe it is real.
Finally, the request. Some older chain letters ask you to mail a dollar to the top ten names on the letter and then pass it on. The electronic ones simply admonish you to “Distribute this letter to as many people as possible.” They never mention clogging the Internet or the fact that the message is a fake, they only want you to pass it on to others.
Chain letters usually do not have the name and contact information of the original sender so it is impossible to check on its authenticity. Legitimate warnings and solicitations will always have complete contact information from the person sending the message and will often be signed with a cryptographic signature. Many of the newer chain letters do have a person’s name and contact information but that person either does not really exist or does exist but does not have anything to do with the hoax message.
It is best not spread chain letters and hoaxes by sending copies to everyone you know. Sending a copy of a cute message to one or two friends is not a problem but sending an unconfirmed warning or plea to everyone you know with the request that they also send it to everyone they know simply adds to the clutter already filling mailboxes.