There’s One Born Every Minute – Or is There?

So why do people fall for these hoaxes? A lot of it goes back to the noble desire to help others. Who wouldn’t want to warn others about a disaster? And it’s so easy to send the warning to hundreds of people at one time: with just a click, you’ve saved your friends from a virus!

Another consideration is the uncertainty that people feel in dealing with computers. Look at the jdbgmgr.exe hoax, which is actually quite ingenious in its fashion. By asking users to confirm that the file is on their computer, it makes people feel like they are participating in their own computer security. Most computer users typically can’t “see” a virus, just the aftermath. This, coupled with the anxiety many people feel about their computers — these large, complicated machines that they really don’t understand — leads to a feeling of certainty when the jdbgmgr.exe file is found on their machines. “Aha!” they think, “Caught one! And there’s the proof — right in front of my eyes!”

It’s funny, but most people would never fall for such a trick in real life. Let’s say I walked up to the same people that fell for the jdbgmgr.exe trick and said, “There are terrorists in this neighborhood. If you see a man in a black hat, call the police, because he’s a terrorist!” Minutes later, a man in a black hat walks by. Would these people call the police? Probably not. They would use their common-sense, their experience of the normal everyday rhythms of life, to judge whether or not someone is a threat.

Computers, however, are the equivalent of a foreign country for many people. When someone is in a country with which they are not familiar, perhaps feeling anxiety because they don’t understand the language (“nth-complexity infinite binary loop”, anyone?), they are more likely to grab onto signposts that will help them. In such a situation, they might be far more likely to fall for my false warning about terrorists.

And if the warning came not from a stranger, but from a friend or acquaintance, as happened when jdbgmgr.exe warnings arrived in email inboxes, then the likelihood of falling victim to a hoax skyrockets. After all, in a foreign country, isn’t the sight of a fellow countryperson always welcome?

Another reason people fall for hoaxes is because they know that anti-virus programs, unfortunately, do not always work. Many viruses spread so quickly that they overwhelm users before anti-virus vendors can update their software. The “Melissa” and “I love you” viruses are good examples of this phenomena. So when users “see” — or think they see, a la jdbgmgr.exe — evidence of the “virus” on their computers, but their anti-virus software says there is no virus, many users are going to believe their eyes and not their software.

Even worse, many users pay no attention to the neccessity of updating their anti-virus software. I have seen office computers with anti-virus databases that are years out of date. When I ask these users why they haven’t updated their software, they typically respond with a blank stare and a plaintive but accurate excuse: “I didn’t know I needed to do that.”

Not Just Harmless Fun – The Real Dangers of Hoaxes

Virus hoaxes are not real viruses, by definition, but that doesn’t mean they don’t have negative effects. In fact, virus hoaxes can be quite damaging in a number of different ways.

First, it is quite possible that a hoax may end up damaging your computer. The email itself won’t have caused the damage. Instead, the email will have convinced you to damage your own computer, as my story about the the jdbgmgr.exe email demonstrates. The folksĀ  responding to the hoax were ready to remove files from their computer that they in fact did not need to remove. They were fortunate that they really didn’t need the file in question, but what about next time? What if the hoax author had more malicious intentions and had instructed gullible recipients to remove a key system file or directory?

Second, a virus hoax results in a waste of resources. The victim wastes valuable time dealing with garbage, and time, after all, is money. People sending the message to friends, family, and colleagues waste bandwidth on the Internet and mail servers. Since these emails usually arrive chock-full of email addresses in the “To” and “CC” fields, spammers treat such warnings as a free gift full of new, valid email addresses they can exploit, further compounding the problem of wasted resources. So remember: if you forward that virus warning, you’ve just multiplied all of the losses above to include everyone else in your address book.

A virus hoax can damage your reputation, or at least make you the butt of jokes. When I receive an email from an acquaintance warning me about jdbgmgr.exe and its dangers, I just shake my head and think “Newbie!” … before I help them. If you forward that email along to 100 folks thinking you’ve done your duty, you’re going to feel pretty sheepish having to send another email letting them know you just made a foolish mistake — and a mistake that could have been prevented with just a little bit of checking on your part first.

Finally, virus hoaxes can have a corrosive effect on security. How? Consider the story of the boy who cried wolf. Similarly, virus hoaxes can undermine the attention that end users pay to rigorous security measures. As a result, users may fall into lax security habits, underestimating the dangers of real viruses because of the frequency of false alarms represented by hoaxes.

By Scott Granneman of Symantec