What is a hoax and what isn't

By Craig Worden

Then there’s the Budweiser screensaver warning – yes, another hoax.

These types of e–mail “chain letters” are a plague to e–mail users because they waste time or cause unnecessary panic.

The truth is that they are hoaxes. But how do you know for sure? By applying a little bit of knowledge and common sense.

Here are some telltale signs of an e–mail hoax.

• They all reference an Internet authority, sometimes it’s IBM or Microsoft or America Online – in some cases, it may be all three.

• The author promises that the catastrophic virus will arrive as e–mail and that it’s going to wipe out the recipient computer’s hard drive. They also encourage the recipient to spread the word about the impending doom.

  That line is the dead giveaway to the hoax.

It is the reason for the e–mail’s existence and the means to replicate it over the Net. Basically, the author of the letter/e–mail is taking advantage of people’s good nature and the potential to spread the word as fast as a lightning (literally: speeds of electric power and light seem to be equal).

E–mail is a text file that arrives on a hard drive from the Internet. But, unlike a piece of software, or a macro program, it is not executed or interpreted by your computer system.

In order for a computer virus to spread, it needs to execute some code or programming instructions to wreak the desired havoc. Since e–mail is purely a text file, it cannot be executed. Even if it’s a Web document that arrives in e–mail – called an HTML file in web lingo – it is unlikely to do much harm because Web page technologies – like Active X or Java –– are a difficult medium for viruses. They have been designed to be secure.

There are, however, a few exceptions to this rule.

If an e–mail has a file attachment such as a game or a file saved as a word processing or spreadsheet document, it may contain a virus hidden inside the executive program buried in the file format. To catch and/or spread the virus, you would need to open and run the file in question, though.

Secondly, if the attached file is a document from an office suite program, such as Microsoft Word, it may contain a macro–virus. Today’s advanced office packages often have macro file capabilities, and virus writers like to exploit these potentially weak areas to attack.

A macro is a sort of programming language that can be embedded into a document to perform simple tasks like math. They can also be mini–tools that help with the file format. Should a virus like that infect a system, in most cases it can be easily removed with one of the commercial anti–virus programs. If a program arrives as an attachment, you can scan it with an anti–virus application to clean it before you run it.

However, getting rid of the e–mail virus hoax is not as easy a task. You can delete it from your mailbox, but sure enough, just like a real virus, it is likely to show up again because some well–meaning person or friend on the Net will fall for the joke and you’re going to be on their mailing list.

Further information on hoax viruses is available at Wikipedia E–mail Hoaxes.

Finally, the newly discovered VBS.BubbleBoy worm changes the rules of the game for the virus via e–mail game.

All a user has to do to get this virus is to open an infected e–mail – not the attachment – and the entire system is infected!

This flies against all the rules. Luckily, its makers didn’t release this virus into the wild. They sent it to an anti–virus software maker to prove they – and anybody else, for that matter – could create it.

Users of the free Microsoft Outlook Express e–mail program may catch an infection by simply having "AutoPreview" enabled – a function that shows you the contents of an e–mail in a program window before you open it.

BubbleBoy inserts a script file into the Startup directory of a Windows 98 computer. When the user re–starts the computer, the script runs. BubbleBoy will only work on a computer system with Internet Explorer 5.0 using Windows Scripting Host. It will not run on a Macintosh, Windows NT or default settings for Windows 95.

Luckily, as stated, BubbleBoy’s creators, if that’s the word we’re grasping for here, were considerate enough to send their creation to an anti–virus software maker last November to show this vicious attack is within grasp. We now consider BubbleBoy a low–risk virus, but imagine if its creators decided to go the whole hog!