Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider


Site Navigation

Divider











Issue 14 - Hoax-Slayer Newsletter

Issue 14: March 9th, 2004

This week in Hoax-Slayer:
Read Previous Issues


Hoax-Slayer is a Free Monthly Web-Based Newsletter brought to you by Brett Christensen

The Hoax-Slayer Newsletter keeps you informed about the latest email hoaxes and current Internet scams. Hoax-Slayer also features anti-spam tips, computer security information, pertinent articles and more.

As soon as the newsletter is published each month, subscribers are sent a notification email with a direct link to the latest issue. The Hoax-Slayer Newsletter is absolutely free and you can easily unsubscribe at any time either by following a link in the notification email or visiting the Hoax-Slayer Unsubscribe page.

To get your free subscription, enter your complete email address in the form below and click the "Subscribe" button. Concerned about giving out your email address online? I will never sell or give away your email address, or any other personal information, for any reason what so ever.

Read the Hoax-Slayer Privacy Policy for more information.



Subscribe to the newsletter via RSS feed

Subscription Options in Detail



High Rates of Virus Activity

There have been exceptionally high rates of virus activity over the last week or so. New variants of Netsky, Beagle and MyDoom have been hitting inboxes hard.

This is a time to be especially vigilant. Some of the messages carrying the viruses are quite clever in the way they try to trick recipients into clicking on the attachments. The emails carrying the worms use a large variety of messages, subject lines and attachment names, combined in a number of different ways. Some pretend to be notification emails from companies such as Yahoo, and ask that you click on the attachment for more information. To add a patina of legitimacy, some even inform recipients that they will need a password to access the attachment. In an absurd twist, this supposed "password" is actually included in the email. An example of just one of these virus-bearing emails is included below.

These worms may spoof email addresses, which means you may think you are receiving an email from someone you know and trust, when in fact they never sent it at all. The spoofing tactic causes a lot of confusion and unnecessary finger pointing among those who don't understand how it works.

Simply put, spoofing as it relates to virus dissemination, works like this:

  1. Someone who has your email address stored somewhere on her or his computer, becomes infected by a worm that uses spoofing.
  2. The worm collects all the email addresses on the infected computer, including yours, and sends itself to them.
  3. The worm inserts one of the email addresses it finds in the FROM: line of the virus emails it sends. In other words, it may use YOUR address in the FROM line, which tricks recipients into thinking that the virus came from YOUR computer.

Thus, even though you may practice safe computing and have a virus free machine, you may be unfairly accused of spreading the virus.

Right now, it is even more important to make sure your anti-virus software is up-to-date. Furthermore, treat any email with an attachment as suspect until proven otherwise.

If you don't have anti-virus software installed, then I would strongly suggest that you get some as soon as possible. You can download a quite adequate free virus scanner from Grisoft (AVG).

You can also conduct a comprehensive online virus scan at Panda Active Scan.

To read in depth information about these new worms, visit
Symantec Security Response.

Example:
Dear user of e-mail server "Egroups.com",

Our antivirus software has detected a large ammount of viruses outgoing from your email account, you may use our free anti-virus tool to clean up our computer software.

For more information see the attached file.

Have a good day,
The Egroups.com team



[TOP]



Prank email targets Shadowcrew.com

The hapless crew at Shadowcrew.com have been the target of a variety of prank emails designed to damage their reputation and generally cause confusion. The email below was submitted by a Hoax-Slayer site visitor and claims that the recipient's credit card has been charged for the purchase of Viagra tablets. Shadowcrew.com is not in the business of selling Viagra, nor are they responsible for peddling child pornography, as implied in the second example below.

Another prank email aimed at Shadowcrew claims to be an account suspension message from eBay.

The reasons for these malicious attacks on the website are unclear. I have been unable to access the shadowcrew.com website, which may have been taken down.

Viagra Prank Email:
SUBJECT:
Your credut card has been sucessfully charged for $69.95.

BODY:
Administration of www.shadowcrew.com online store would like to thank youfor your purchase of Viagra tablets. Couple of words about our products and services. Viagra is a prescription drug used to treat erection difficulties, such as erectile dysfunction, which also refers to as an impotence. At this condition men do not experience normal erection, necessary for the sexual act. VIAGRA works only in reply to sexual excitation and does not influence reproductive function in any way. Your tablets will be sent to the address specified by you within 24 hours. You should store VIAGRA at temperature below 30 degrees in original packing and out of reach of children. Do not take preparation after expiry date which is located on top of the package. We are the only official dealers that offer you tablets in original packaging. We guarantee to refund your money during 30 days.

If you never purchased this product please contact us at:
1.888.575.6398
To cancel this purchase please contact us at: 1.408-817-2800
To change the shipping address on the order: 1.877.999.8779
If you suffer any side effects please contact: 1.866.963.9696
For bulk purchases please contact: 1.703.547.2000 Thank you for choosing www.shadowcrew.com
We are the first - the best.



Child Porn Email:
Thank you for joining shadowcrew.com. Your credit card has been charged $48.74. Now it is time to play in the shadows! Log on now to enjoy trading of nude boy! All picture and movie files accepted and exchanged by members. Rest assured, your credit card will be charged discreetly $48.74 weekly for your platinum membership. Enjoy the only man on boy love members forum?..
Have fun!
[Supposed links to child pornography removed]




[TOP]



WTC Survivor Virus Hoax

In spite of its age, the WTC Survivor virus hoax is still one of the most widely distributed email hoaxes on the Internet. It originally began circulation not long after the tragedy of 9/11. It disgusts me that the perpetrators of this hoax could use such a profound human tragedy to add weight to their pointless nonsense.

There is not, nor has there ever been a virus like the one described in the email.

There are several, equally nonsensical, versions of this hoax, including one rendered in Spanish.

You can confirm the status of this hoax email at the Symantec Website.

I received this from a reliable family friend this morning. 10/28/01 BIG TROUBLE !!!! DO NOT OPEN "WTC Survivor" It is a virus that will erase your whole "C" drive. It will come to you in the form of an E-Mail from a familiar person. I repeat a friend sent it to me, but called and warned me before I opened it. He was not so lucky and now he can't even start his computer! Forward this to everyone in your address book. I would rather receive this 25 times than not not all.

If you receive an email called "WTC Survivor" do not open it. Delete it right away! This virus removes all dynamic link libraries (.dll files) from your computer. This is a serious one.



A more current version of the hoax is included below:

During the next several weeks be VERY cautious about opening or launching any e-mails that refer to the World Trade Centre or 9/11 in any way, regardless of who sent it. PLEASE FORWARD TO ALL YOUR FRIENDS AND FAMILY. FOR THOSE WHO DON'T KNOW, "WTC" STANDS FOR THE WORLD TRADE CENTRE. REALLY DANGEROUS BECAUSE PEOPLE WILL OPEN IT RIGHT AWAY, THINKING ITS A STORY RELATING TO 9/11!

BIGGGG TROUBLE !!!! DO NOT OPEN "WTC Survivor" It is a virus that will erase your whole "C" drive. It will come to you in the form of an E-Mail from a familiar person. I repeat, a friend sent it to me, but called and warned me before I opened it. He was not so lucky and now he can't even start his computer!

Forward this to everyone in your address book. I would rather receive this 25 times than not at all. So, if you receive an email called "WTC Survivor", do not open it. Delete it right away! This virus removes all dynamic link libraries (.dll files) from your computer.

PLEASE FORWARD THIS MESSAGE






[TOP]



Virus Remover Information Page

Mike from MikesWhatsNews has created a very handy page that lists a variety of virus removal tools from different AV companies. This is a good page to bookmark for handy reference.

You can check out Mike's excellent Virus removers page here: http://www3.telus.net/mikebike/Virus_Removers.htm



[TOP]



NASA and the Zero Gravity Pen

This old joke/hoax has been spotted doing the rounds again. Government departments might be pretty wasteful at times, but NASA did not spend $12 billion on a pen.

Subject: NASA's Zero Gravity Pen When NASA first started sending up astronauts, they quickly discovered the ballpoint pens would not work in zero gravity. To combat the problem, NASA scientists spent a decade and $12 Billion to develop a pen that writes in zero gravity, upside down, underwater, on almost any surface including glass and at temperatures ranging from below freezing to 300C. The Russians used a pencil.



[TOP]



The Hoax_Slayer Newsletter is published by:
Brett M.Christensen
Queensland, Australia
All Rights Reserved
©Brett M. Christensen, 2009
Questions or Comments