Hoax-Slayer is dedicated to debunking email hoaxes, thwarting Internet scammers, combating spam, and educating web users about email and Internet security issues. Hoax-Slayer allows Internet users to check the veracity of common email hoaxes and aims to counteract criminal activity by publishing information about common types of Internet scams. Hoax-Slayer also includes anti-spam tips, computer and email security information, articles about true email forwards, and much more. New articles are added to the Hoax-Slayer website every week.
New: Scam Victim Stories Project
Perhaps you've been a victim of a dating scam
? Or a money-laundering job scam
? Have you lost money via an advance-fee scam
or a phishing scam
? Been victimized by an over-payment scammer
? Suffered losses via some other type of Internet based fraud?
If you or someone close to you has been a victim of an Internet scam, you can submit your story for possible publication on the Hoax-Slayer website. By telling your story
, you may be able to stop other people from becoming victims. Your story may provide
much needed support for others who recognize their own circumstances via the experiences you share.
Hoax-Slayer in the News
My Social Agency - Slaying Facebook Scams By Kerry Butters
In terms of spam, scams and more sinister and malicious threats, Facebook represents one of the top threats in the world of internet security today. The type of scams that circulate on Facebook have often been around for many years however, and many have their roots in similar or identical hoaxes and suchlike which used to be more prevalent in email.
With this in mind, I spoke to Australia-based Brett Christensen, a man who has been running the Hoax-Slayer site alone since 2003.
(Read Full Article)
Hoax-Slayer Subscription Options
Hoax-Slayer keeps you informed about the latest email hoaxes, true email forwards, current Internet scams and important spam and computer security issues. New information is first published as individual articles. New articles are added every week. These new articles are later collected and republished together in newsletter format. The Hoax-Slayer Newsletter is published once per month.
There are three subscription options available:
Option One - Subscribe to Fortnightly Newsletter Notifications via Email (Free Subscription)
As soon as the newsletter is published each fortnight, subscribers are sent a notification email with a direct link to the latest issue. To get your free subscription, enter your email address in the form below and click the "Subscribe" button.
Option Two - Subscribe to Newsletter Notifications via RSS (Free Subscription)
The Newsletter RSS feed is updated as soon as the standard newsletter is published each month. Feed subscribers will receive a newsletter notification with a direct link to the latest issue.
Subscribe to the Hoax-Slayer Newsletter RSS Feed
Option Three - Subscribe to New Article Notifications via RSS (Free Subscription)
The New Articles RSS feed is updated on the same day that new stand-alone articles are published on Hoax-Slayer. Feed subscribers will receive a summary of the new information with a direct link to the full article.
Subscribe to the Hoax-Slayer New Articles RSS Feed
Featured Hoax-Slayer Articles
How to spot an Email Hoax - Guide to Recognizing Hoaxes
Spotting the latest email hoaxes may be easier than you think!
There are thousands of email hoaxes moving around the Internet at
any given time. Some may be the latest email hoaxes around. Others may be mutated versions of hoax messages that have travelled the Internet for years. These email hoaxes cover a range of subject matter,
- Supposedly free giveaways in exchange for forwarding emails.
- Bogus virus alerts.
- False appeals to help sick children.
- Pointless petitions that lead nowhere and accomplish nothing.
- Dire, and completely fictional, warnings about products,
companies, government policies or coming events.
The good news is that, with a little bit of foreknowledge, email
hoaxes are easy to detect. Hidden within the colourful prose of
your average email hoax often lurk telling indicators of the
Probably the most obvious of these indicators is a line such as
"Send this email to everyone in your address book". Hoax writers
want their material to spread as far and as fast as possible, so
almost every hoax email will in some way exhort you to send it
to other people. Some email hoaxes take a more targeted approach
and suggest that you send the email to a specified number of
people in order to collect a prize or realize a benefit.
Another indicator is that hoaxes tend not to provide checkable
references to back up their spurious claims. Genuine competitions,
promotions, giveaways or charity drives will usually provide a
link to a company website or publication. Real virus warnings are
likely to include a link to a reputable virus information website.
Emails containing Government or company policy information are
likely to include references to checkable sources such as news
articles, websites or other publications.
A third indicator is often the actual language used. Email hoax
writers have a tendency to use an emotive, "over-the-top" style
of writing peppered with words and phrases such as "Urgent",
"Danger", "worst ever virus!!", "sign now before it's too late"
and so on, often rendered in ALL CAPITAL LETTERS for added
emphasis. Paragraphs dripping with pathos speak of dying
children; others "shout" with almost rabid excitement about free
air travel or mobile phones. As well, some email hoaxes try to
add credibility by using highly technical language.
Before forwarding an email, ask yourself
- Does the email ask you to send it to a lot of other people?
- Does the email fail to provide confirmation sources?
- Is the language used overly emotive or highly technical?
A "yes" answer to one or more of the above questions, should
start some alarm bells ringing. These indicators do not offer
conclusive evidence that the email is a hoax but they are
certainly enough to warrant further investigation before you
hit the "Forward" Button.
Back to Featured Articles Menu
Common Internet Scams - An Overview
Email and the Internet is a wonderful resource that has revolutionized the way humans communicate and access information. Unfortunately, it has also proved to be a fertile medium for the unscrupulous and the morally challenged. Scammers regularly use email in attempts to steal money or personal information from unsuspecting victims. Those inexperienced in the ways of the Internet are especially vulnerable to current Internet scams.
The good news is that it is not difficult to learn how to recognise current Internet scams that arrive via email. Included below are descriptions of three of the most common types of email driven scams as well as some general indicators that should help you recognize scam emails.
You may receive an email from a bank/online service provider/ financial institution that asks you to click a link and visit a website in order to provide personal information. Such an email is more than likely the type of Internet scam known as "phishing".
A phishing scam is one in which victims are tricked into providing personal information such as account numbers and passwords to what they believe to be a legitimate company or organization. In order to carry out this trick, the scammers often create a "look-a-like" website that is designed to resemble the target company's official website. Typically, emails are used as "bait" in order to get the potential victim to visit the bogus website. Be wary of any email that asks you to click on a link and provide sensitive personal information such as banking details. Information submitted on these bogus websites is harvested by the scammers and may then be used to steal funds from the user's accounts and/or steal the victim's identity.
Most legitimate companies would not request sensitive information from customers via email. DO NOT
click on the links in these emails. DO NOT
provide any information about yourself. If you have any doubts at all about the veracity of an email, contact the company directly.
Find out more about Phishing scams
You may receive an email/letter/fax that asks for your help to access a large sum of money in a foreign bank account. The message says that you will get a percentage of the funds in exchange for your help.
In all probability, the message is an example of the type of scam known as a Nigerian or "419" scam. The "large sum of money" does not exist. The messages are an opening gambit designed to draw potential victims deeper into the scam. Those who initiate a dialogue with the scammers by replying to the scam messages will eventually be asked for advance fees supposedly required to allow the deal to proceed. They may also become the victims of identity theft. The scammers use a variety of stories to explain why they need your help to access the funds.
- They may claim that political climate or legal issues preclude them from accessing funds in a foreign bank account.
- They may claim that your last name is the same as that of the deceased person who owned the account and suggest that you act as the Next of Kin of this person in order to gain access to the funds.
- They may claim that a rich merchant, who has a terminal illness, needs your help to distribute his or her wealth to charity.
If you receive one of these scam emails, it is important that you do not respond to it in any way. The scammers are likely to act upon any response from those they see as potential victims.
Find out more about Nigerian Scams
You may receive an email/letter/fax that claims that you have won a great deal of money in an international lottery even though you have never bought a ticket. The email may claim that your email address was randomly chosen out of a large pool of addresses as a "winning entry". Such emails are almost certainly fraudulent. In some cases, the emails claim to be endorsed by well-known companies such as Microsoft or include links to legitimate lottery organization websites. Any relationships implied by these endorsements and links will be completely bogus.
There is no lottery and no prize. Those who initiate a dialogue with the scammers by replying to the messages will be first asked to provide a great deal of personal information. Eventually, they will be asked to send money, ostensibly to cover expenses associated with delivery of the supposed "winnings". They may also become the victims of identity theft. DO NOT respond to these messages. DO NOT supply any personal information whatsoever to the scammers.
Find out more about Lottery Scams
General Scam Indicators:
The current Internet scams described above are some of the most common types of Internet fraud. However, these fraudsters are clever people who may use many variations of the above scams to achieve their nefarious ends.
In general, be wary of unsolicited emails that:
- Promise you money, jobs or prizes
- Ask for donations
- Propose lucrative business deals
- Ask you to provide sensitive personal information
- Ask you to follow a link to a website and log on to an account.
By taking the time to educate yourself about these common types of scam, and/or by sharing this information with others, you can make a valuable contribution to the war against Internet fraud.
Back to Featured Articles Menu
Why do People Create Email Hoaxes?
At any one time, there is likely to be many thousands of completely bogus hoax messages travelling via email, from the very latest email hoaxes to older email hoaxes that have been circulating in various forms for years.
I am often asked why people create such hoaxes in the first place. This is an interesting question that probably has no definitive answer. For example, what could possibly motivate somebody to write and distribute a fictional message about a dying child
? Why would someone author a bogus warning about a non-existent computer virus
or falsely claim that a well-known company was giving away money or products
Unlike a scammer, whose efforts may be rewarded in the form of stolen funds or stolen identities, a hoax writer does not stand to reap such a tangible reward. The motives of a scammer are not hard to ascertain. Hoaxsters, on the other hand, have motives that are less transparent.
Perhaps people most commonly start hoax emails simply to see how far, and for how long, their nonsensical messages will spread. If they create a hoax that regularly has recipients clicking on the "Forward" button, they may feel "successful" by their own twisted standards. By pulling the wool over the eyes of a substantial number of Internet users, these pranksters may feel that they have "made their mark" on society. Perhaps it is something akin to vandalism out in the "real" world. Perhaps there are similar underlying motives that drive those who create hoaxes and those who spray graffiti or slash train seats? Such vandalism may seem completely pointless to the rest of us, but the vandals must gain some intrinsic value out of it - a venting of anger against a society they resent - a sense of power - just a cheap thrill, perhaps.
In some cases, a newly created hoax message might spread a lot further than the author originally intended. Some hoaxes start out as just a practical joke aimed squarely at a select group of friends. But the friends send it to their
friends and, in short order, the message has irretrievably escaped into the wilds of Cyberspace. Some time back, a widely distributed email hoax about a group of Cambodian midgets
fighting a lion started in exactly this way.
In other cases an email hoax might be originally sent out simply because the author misinterpreted something and genuinely felt compelled to let others know about it. For example, the infamous "Bonsai Kittens" website appears to have prompted one outraged visitor to create and send out an email petition
calling for authorities to close down the site. However, the creator of the email petition apparently did not realize that the site was just a joke. In spite of the fact that nobody is really
making Bonsai Kittens, this misguided petition continues to circulate and collect email addresses years after it was first launched.
Hoaxes might also be started solely for the purpose of discrediting a company or individual. For example, some virus hoaxes, such as the Elf Bowling hoax
name a particular software program and may have been started simply because the author had some unnamed grievance and was seeking revenge.
Some have postulated that spammers deliberately create email hoaxes as a way of subsequently collecting email addresses. Certainly, messages that get forwarded many times
can accumulate a great many email addresses and spammers may well harvest these addresses for use on spam lists. However, generally speaking, I'm not convinced that spammers are the ones who actually create these hoaxes in the first place. For such an exercise to be successful (from the spammer's point of view), he or she would have to set up a mechanism by which the email hoax messages were eventually returned after they had accumulated a large number of email addresses. Typically, email hoaxes do not have any such mechanism. If they did, it would perhaps make it possible to identify the original author.
As I said earlier, it is probably quite difficult to pinpoint one definitive reason why some individuals in the Internet community decide to create and distribute email hoaxes. Given the sometimes unfathomable complexity of human psychology, there is likely to be quite a number of reasons why people author email hoaxes and I've only touched on a few possible motives here.
Back to Featured Articles Menu
Are Email Petitions Useful?
If you have been using email for any length of time, at some point you have probably received an email in the form of a petition. The message requests you to "sign" the petition by adding your name before sending it on to others in your address book. Emails of this nature generally contain a few paragraphs of text explaining the purpose and intended goals of the petition as well as instructions about how to sign and forward the message. Such email-based petitions have focused on a large variety of causes.
I am often asked if such petitions have any value. Well, in my opinion, they are completely worthless. Here's why:
- Name lists on email petitions are very easy to forge:
Very often, to "sign" an email petition you simply add your name and perhaps some geographic information such as the name of the city you live in. However, the person targeted by the petition has no way of knowing if the names are genuine. It would be exceptionally easy for a person to make up lists of bogus names or even copy and paste names from other sources. For example, an enterprising armchair activist could copy whole lists of names from unrelated email petitions and add them to his or her petition before forwarding it. In fact, a person who cared strongly about a particular issue could add hundreds of names to an email petition with very little work.
This forgery factor is a major reason why people such as government officials who are the intended target of email petitions are quite unlikely to give them much credence. Normally, there is no viable way for the recipient of the petition to verify names on the list. Nor can it be determined whether a list was signed by the person named or added without his or her consent. Regardless of the medium used, a credible petition must contain verifiable information about those who sign it.
- Privacy and security issues:
Occasionally email petitions do ask recipients for more details such as an email address or even a street address. While this might give more credence to the petition, it is also a quite unacceptable security risk. An email petition could end up anywhere, including the inboxes of spammers or fraudsters. Adding personal information such as a full name and street address to any email that is likely to be forwarded is an unsafe practice.
- Email petitions often contain false or outdated information:
Another serious problem with email petitions is that the cause they are protesting against may not even be valid. Email petitions are often based on misinformation. A classic example is the long running bonsai kittens petition. This email calls for the authorities to stop the practice of creating "bonsai kittens". Supposedly, creating a bonsai kitten involves thrusting a living cat into a glass jar to restrict its growth. While such a horrible practice would certainly be worthy of protest, bonsai kittens are nothing more than an urban myth. No one is making bonsai kittens. The story derives from a satirical website that has bonsai kittens as its subject.
Another popular email petition protests against the imminent release of the boys who killed toddler Jamie Bulger. While this was a true case, the petition is hopelessly outdated. These boys were released several years ago, so the continued circulation of the message is simply a waste of bandwidth. There are many other examples. Email petitions can continue to circulate and collect names long after the cause in question has become irrelevant. Indeed, if the petition was originally based on a false premise, it may have never been relevant.
- Email petitions may never reach their target:
A lot of email petitions instruct you to forward the petition to a specific email address once the list reaches a given number of names. This might be the email address of a politician or an organization related to the cause in question. However, there is no guarantee that anybody in authority will actually get to view the petition. If the same petition emails, albeit with different names included, are being repeatedly sent to a government department or other large organization I think there is a good chance that they will be simply deleted before they are read.
Also, the email address provided in the petition may not be valid because it was incorrectly transcribed, it has been changed during subsequent forwarding, or it has been disabled. This means that the compiled list of names will bounce and never reach its target.
Amazingly, some email petitions have no specific target at all. In 2002, a vague email protesting racism was signed and forward by many people around the world even though it did not specify any particular person or organization as the target of the petition. The petition simply circulated aimlessly around cyberspace collecting names for no good reason.
- Email petitions can be counter productive:
A more subtle danger of email petitions is that they can effectively defang a person's desire to take constructive action concerning a cause they believe in. The almost too simple act of "signing" and forwarding an email petition can give the sender a false sense of having "done" something to help "the cause" and they may be less likely to become involved in more worthwhile approaches to the problem at hand.
In summary, think twice about "signing" and forwarding email petitions. There are much more effective ways of bringing attention to a problem and registering your protest. You could contact a relevant person directly and outline your grievances. You could also write Letters to the Editor, start a legitimate petition or even organize a demonstration, to name just a few options.
If you still feel that signing and sending an email petition is worth the effort, then at least take the time to check if the information in the email is actually factual and current before proceeding.
Back to Featured Articles Menu
Email Security Tip - Forward Responsibly
Along with the junk mail that arrives in our inboxes, there may be quite a few gems that just beg
to be forwarded. These may be jokes, funny photos or videos, useful information, interesting web links or just juicy bits of gossip. The "forward" function of our email program enables us to fire off these missives to one, a few, or all of the email addresses in our address book with just a few mouse clicks. As easy as pie!
In fact, email forwarding is almost too easy! While the ability to forward messages is a very valuable aid to effective email communication, the forward function should be used responsibly. Before you forward an email to multiple recipients, there are important factors that need to be considered:
- Willingness to receive:
There is a fundamental question that is very frequently overlooked by the forwarding fraternity. The question is, "Does the recipient actually want to be sent all these forwarded emails?"
If you are on a slow dial-up Internet connection, it can be very irritating to continually receive large emails that take a considerable time to download. Furthermore, your recipient's opinions about what is funny, intriguing, or important might diverge rather sharply from your own.
More importantly, the recipient might be rightly concerned about the privacy and security risks inherent in multiple forwarded emails (see below).
In short, if you forward a lot of emails to a lot of people, it is simply good etiquette to give your recipients the chance to "opt out" of future mailings. In other words, take the time to ask the recipient if he or she wants to receive your forwarded emails. The truth is that some of your recipients may prefer that you did not forward emails to them, but are too polite to tell you.
- Privacy and Security:
If you forward an email to multiple recipients in the normal way, recipients will be able to easily view each other's email addresses. The email is likely to be forwarded many more times and it will carry an expanding list of email addresses along with it, including those of your friends and family. Some of your recipients may not appreciate the fact that their private email address has been clearly revealed to dozens or hundreds of total strangers.
Ultimately, this list of email addresses may well find its way into the hands of spammers who will send you and other people on the list irritating and intrusive junk email.
I go to a lot of trouble to protect my private email address from spammers, so I do tend to get irritated when I am forwarded an email and realize that my email address has been blasted across cyberspace to dozens of strangers without my permission and its continued transmission is totally beyond my control.
Luckily, there are a couple of very easy steps you can take
to protect the privacy of your recipients and help to reduce spam.
Firstly, be sure to remove any previous email addresses displayed in a message before you forward it. Secondly, be sure to use the Blind Carbon Copy (BCC) function of your email program when forwarding a message to multiple recipients.
- Protecting your own email address:
Even if you do remove previous email addresses and use BCC,
you need to be aware that your private email address might well end up being sent onward and displayed in email inboxes across the planet. Once you click the "Send" button, you have very little control over where or to whom your email address is subsequently displayed. However, you can reduce the risk by asking your recipients to remove your email address before forwarding. You could also use a throwaway email account just for forwarding purposes.
Many users are simply not aware of the privacy and security issues connected to forwarding emails. You can take an active role in helping to protect user privacy and reducing spam by making others aware of these issues.
Back to Featured Articles Menu
Responding to Email Hoaxes
What do you do if you get an email that you know is one of the latest email hoaxes going around?
If you receive a lot of hoax and other garbage emails, it can be tempting to fire off an irate reply condemning the sender for his or her foolishness. Serial hoax-forwarders might actually deserve such a reply. These email pests consistently refuse to check before forwarding even when recipients repeatedly point out their gullibility. However, the majority of people who forward a hoax email do so in good faith and perhaps simply need a bit of guidance on the issue from a more Internet savvy individual.
That said, I think there is a right way and a wrong way to go about providing this guidance. Here's what works for me:
- Be Subtle!
Nobody likes to be ridiculed. If a reply is overly aggressive and makes people feel stupid they are likely to focus on defending themselves from a perceived attack and your chance to set the record straight may be lost. In other words, if you get a person's back up, he or she probably won't believe anything you try to tell them anyway.
So, it is well worth spending a few minutes formulating a polite and subtle reply. The outcome is likely to be a lot more positive.
- Backup Your Argument
Even if you are subtle, the sender is unlikely to feel good about being taken in by a hoax. Human nature being what it is, he or she may well try to avoid feeling foolish by defending the claims in the message and disputing your argument. Therefore, always try to include one or more good external references in your message that back up your conclusions.
- Take the Chance To Educate
Your reply also gives you a chance to help the sender learn how to avoid being caught by hoaxes in the future. Explain how and where you check the truth of messages before you forward them.
- Don't do a "Reply All"
Often, the "To" line of the hoax message reveals that it has been sent to many other people besides yourself. (You might also like to talk to the sender about trimming addresses and using Blind Carbon Copy...but that's another story ). Some people simply do a "Reply All" when they send their hoax-rebuttal message.
While it might seem like this is a good method to let everyone know about the hoax at once, I think there are some real problems with this method. Firstly, there is a good chance that you don't know everyone on the list, so you are basically sending an unsolicited message to strangers. Some might call that spamming. Secondly, at least some of the recipients may already know the message is a hoax and have no need to receive another email rebutting the first. Thirdly, and perhaps most importantly, you run the risk of humiliating the original sender in the eyes of his or her friends and acquaintances. That is quite unlikely to be helpful! (See Point 1 above).
I generally just suggest that the sender let others know that the message turned out to be a hoax. Whether they do so or not is basically their business.
I've found that a reply something like the following generally gains a good response:
Subject: Re: (whatever hoax message)
Hi [Sender's Name],
Thanks for your message.
However, I need to tell you that the email is actually a known hoax. You can check this for yourself by reading the article(s) at the link(s) below:
There are a great many email hoaxes going around all the time and some keep circulating for years. Most of us have fallen for an email hoax at some point I think, including yours truly (grin). These days, before I forward an email message, I always check it out at:
[Add links to one or more hoax information websites]
Another good way to check if a message is a hoax, is to conduct an Internet search using a key phrase from the message. This will often bring up one or more reputable articles that clearly indicate if the claims in the message are true or false.
You might like to let whoever sent you the message know that it is a hoax as well.
Hope this helps.
Unfortunately, there are some people that simply will not
believe that a message is a hoax regardless of how compelling the evidence you present to them. In most cases, however, by using a good approach to the issue, you can help another Internet user become a little wiser and, indirectly, reduce the amount of nonsense emails that clutter inboxes.
Back to Featured Articles Menu