Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Issue 96 - September 2009 - Page 2

Pages in this month's issue:
  1. Cadbury Products - Halal Certification Authority Logo Protest Email
  2. First Address Book Entry Virus Control Hoax
  3. Australian Flag Lapel Pin Story - Response to Muslim Woman's Checkout Criticism
  4. Good Old Macca's - McDonald's Australia "Leave Out Items" Memo Hoax
  5. Microsoft, Yahoo, Google Lottery Scam
  6. Spider Under Florida Toilet Seat Hoax
  7. Obama Muslim Stamp - USPS Muslim Holiday Stamp Release Protest Message
  8. Request for New Home for Labradors Cookie and Coco
  9. Image of the North Pole With the Moon at its Closest Point
  10. USS New York Built With World Trade Center Steel
  11. Nine Zero Hash Phone Scam Hoax
  12. Nicotine in Tim Hortons Coffee Hoax
  13. Paypal Primary Email Address Change Phishing Scam

Issue 96 Start Menu

Previous Article            Next Article

First Address Book Entry Virus Control Hoax

Summary:
Virus protection "tip" claims that you can counter email worms simply by placing a phony email address such "AAAAAAA@AAA.AAA" as as the first entry in your address book.(Full commentary below).



Status:
False

Example:(Submitted, October 2009)
Subject: How to protect your e-mail address book

Or how to notify you if you are sending a worm

I did this, and it seems like pretty cheap insurance!!!
I am passing this on to as many people in my contact list as possible. Hope all is well and that we will never need this!!!

How to protect your e-mail address book
A computer repairman says this is like having gold. This is a good thing. I learned a computer trick today that's really ingenious in its simplicity.
I received it from a friend.

As you may know, when/if a worm virus gets into your computer it heads straight for your e-mail address book, and sends itself to everyone in there, thus infecting all your friends and associates. This trick won't keep the virus from getting into your computer, but it will stop it from using your address book to spread further, and it will alert you to the fact, that the worm has gotten into your system.

Here's what you do; first, open your address book and click on "new contact", just as you would do if you were adding a new friend to your list of e-mail addresses.

In the window where you would type your friend's first name, type in "AAAAAAA", Also use address AAAAAAA@AAA.AAA

Now, Here's what you've done and why it works: The name AAAAAAA will be placed at the top of your address book as entry #1. This will be where the worm will start in an effort to send itself to all your friends. But, when it tries to send itself to AAAAAAA, it will be undeliverable because of the phony e-mail address you entered.

If the first attempt fails (which it will because of the phony address), the worm goes no further and your friends will not be infected.

Here's the second great advantage of this method: If an e-mail cannot be delivered, you will be notified of this in your IN BOX almost immediately. Hence, if you ever get an e-mail telling you that an e-mail addressed to AAAAAAA could not be delivered, you know right away that you have the worm virus in your system. You can then take steps to get rid of it!

Pretty slick, huh?

If everybody you know does this then you need not ever worry about opening mail from family or friends.




Commentary:
This foolish and potentially dangerous hoax has now been circulating for several years. The message claims that putting a bogus email address as the first entry in your address book will thwart attempts by an email worm to propagate itself. According to the message, sending of the worm will be terminated because the first delivery will fail and the user will be alerted of the attempt to send the worm via an error message. This version espouses "AAAAAAA@AAA.AAA" as the bogus address of choice. Other versions extol the virtues of "!000000" as a first address book entry.

First entry address book hoax
Adding AAAAAAA@AAA.AAA as the first entry in your email address book will NOT protect your computer from worms
Either way, this "trick" is seriously flawed and will do nothing whatsoever to protect you from almost all modern worms. These days, email worms are far too sophisticated to be controlled by such a simple procedure. Very few modern email worms harvest email addresses solely from your email program's address book. Most will scan the entire hard drive of the infected computer for email addresses and are therefore in no way reliant on address book entries. Also, most worms will not send themselves to all addresses at once. They are more likely to send a separately addressed message to each recipient and the addresses may not be used in the same order as they appear in an address book. Thus, a fake first entry address will not stop a worm even if it did send messages from the address book sequentially. The fake address will bounce, but other worm-laden messages will be sent without a problem.

And perhaps most importantly, many worms now use their own SMTP engine to send themselves, which means that they bypass your email program completely. Basically, such a worm comes loaded with everything it needs to establish a connection with a mail server and send itself to any email addresses it has harvested from the infected computer. Since the worm does not use an existing email application, the operator of the infected computer might not even be aware that a worm is propagating itself. Even if some of the worm messages do bounce because of fake or invalid addresses, the user will not receive any sort of error message.

This strategy may have been somewhat effective for the relatively primitive email worms of days gone by. However, these days it is virtually useless. In fact, rather than offer protection against worms, it may even make worm infections more likely. The inherent danger of this hoax is that users who apply this method may relax their guard and neglect viable anti-virus strategies.

The message claims that if "everybody you know does this then you need not ever worry about opening mail from family or friends". However this claim is doubly flawed. As explained above the "trick" is invalid and will not protect you from modern email worms. Moreover, many worms use address spoofing so that an email may not really be from a friend or family member, even if it appears to have his or her address in the "From:" field.

The only real protection against virus attack is to maintain a secure computing environment, run reliable and up-to-date anti-virus software and employ common sense. If you receive this "tip", please take a moment to let the sender know that it is not a viable method of email worm protection and should not be forwarded.



References:
Internet Worm SMTP Engines Explained
Email Worm Spoofing - Spoofing Explained
AAAAAAA@AAA.AAA hoax
Previous Article            Next Article

Issue 96 Start Menu

Pages in this month's issue:
  1. Cadbury Products - Halal Certification Authority Logo Protest Email
  2. First Address Book Entry Virus Control Hoax
  3. Australian Flag Lapel Pin Story - Response to Muslim Woman's Checkout Criticism
  4. Good Old Macca's - McDonald's Australia "Leave Out Items" Memo Hoax
  5. Microsoft, Yahoo, Google Lottery Scam
  6. Spider Under Florida Toilet Seat Hoax
  7. Obama Muslim Stamp - USPS Muslim Holiday Stamp Release Protest Message
  8. Request for New Home for Labradors Cookie and Coco
  9. Image of the North Pole With the Moon at its Closest Point
  10. USS New York Built With World Trade Center Steel
  11. Nine Zero Hash Phone Scam Hoax
  12. Nicotine in Tim Hortons Coffee Hoax
  13. Paypal Primary Email Address Change Phishing Scam