Issue 19 - Hoax-Slayer Newsletter

Issue 19: April 16th, 2004

This week in Hoax-Slayer:

New Critical Updates Released
Camel Spider Hoax Email
Virus Report: Weekly Virus Wrap-Up
Pepsi Can Hoax Email
Feedback from Site Visitors
New Feature - Tip of the Week: Belarc Advisor

Hoax-Slayer is a Free Monthly Web-Based Newsletter brought to you by Brett Christensen

The Hoax-Slayer Newsletter keeps you informed about the latest email hoaxes and current Internet scams. Hoax-Slayer also features anti-spam tips, computer security information, pertinent articles and more.

As soon as the newsletter is published each month, subscribers are sent a notification email with a direct link to the latest issue. The Hoax-Slayer Newsletter is absolutely free and you can easily unsubscribe at any time either by following a link in the notification email or visiting the Hoax-Slayer Unsubscribe page.

To get your free subscription, enter your complete email address in the form below and click the "Subscribe" button. Concerned about giving out your email address online? I will never sell or give away your email address, or any other personal information, for any reason what so ever.

Read the Hoax-Slayer Privacy Policy for more information.

Subscribe to the newsletter via RSS feed

Subscription Options in Detail

New Critical Updates Released

Microsoft has released three new critical updates for Windows operating systems. According to Australian IT, the new patches are "aimed at preventing an unauthorized person from being able to install new programs or to view, change or delete data on someone else's computer*."

Last year, the MS Blaster worm created havoc across the Internet by exploiting a similar Windows flaw. Attacks that attempt to exploit these latest flaws are also possible if people do not download and install the updates. A patch that filled the hole exploited by Blaster was available well before the worm hit. However, the failure of end users to procure that patch ensured the devastating success of Blaster.

In order to stop history repeating, it is important that Microsoft Windows users visit Windows Update and procure the critical updates as soon as possible. I know from personal experience that many users don't regularly check for updates, or even understand why it is important. If you are not familiar with using Windows Update, the following brief guide may be helpful:

Connect to the Internet, click "Start" and then click on the item labelled "Windows Update" on the menu. Exactly where on the menu it is located may depend on the particular flavour of Windows you are using.
Internet Explorer should now open at the Microsoft Windows Update web page. Click the link labelled "Scan for Updates".
You may be prompted to download one or more small programs that are needed for the scanning procedure. Click "OK" when prompted, so that the scan can proceed.
When the scan is finished, it will tell you if there are updates available. The most important ones are those listed as "Critical Updates and Service Packs" or just "Critical Updates".
Click on the link for "Critical Updates" and it will present you with the option of selecting and downloading the updates.

If you have computer newbie friends, you might like to talk to them about Windows Update to ensure that they understand how to do it and why it is necessary. Conversely, if you feel that you need more information regarding this issue, ask a computer orientated friend, or email me if you like.

*Reference:
Australian IT Article:

[TOP]

Camel Spider Hoax Email

As if they didn't have enough to contend with, soldiers in Iraq face a sinister and creepy non-human threat as well - camel spiders! Or so an email forward that has now been circulating for several years would have us believe. Most such messages are accompanied by a photograph that depicts a soldier holding up two apparently gigantic camel spiders. Camel spiders are real organisms and they can grow quite large. However, the description of the creatures in the messages is seriously inaccurate and the specimens in the photograph are not as large as they may seem at first glance.

Similar stories about camel spiders are often posted to online forums and blogs where they tend to generate a lot of, sometimes heated, discussion. Indeed, perhaps because of their fearsome appearance, these relatively harmless creatures tend to generate a fair degree of hysteria and tall tales about them have become a part of contemporary folklore. Camel spider misinformation is nothing new. Tales about soldiers and camel spiders go back to at least the first Gulf War, and myths about them have been around for many years. Nor are such stories restricted to Iraq alone.

It has been claimed that camel spiders can run up to 25 mph and make a squealing noise like children screaming. Furthermore, according to the legends, camel spiders can grow to gigantic sizes, leap large distances at a single bound and inject a powerful anesthetic that allow them to eat camels (and soldiers) alive.

However, a minimal amount of research on camel spiders shows that these claims are unfounded:

Camel spiders are not actually spiders. They are in fact solifugids and, like spiders, they belong to the class Arachnida. Camel spiders are also known as wind scorpions and sun spiders.
The creatures are completely non-venomous and do not inject anesthetic. In fact, they do not have the necessary biological apparatus to inject anything.
They are silent except for the sound made by their jaws when eating.
They do not eat camels alive or dead. They mostly eat other arthropods. Some eat lizards and, possibly, birds and small mammals.
They do run very fast for Arachnids, but certainly not as fast as 25 mph.
They cannot jump well at all, but some are good climbers.
Solifugids are found world wide, although they are more common in drier regions such as Iraq.
Their bodies range in size from under 1 inch to around 2 inches in length. The outstretched leg span may reach around 6 inches.

Camel spiders are aggressive hunters and voracious feeders. They have strong enough jaws to inflict a painful bite to a human, generally when they are handled or cornered. Like bites from other creatures, a camel spider bite could become infected if not carefully treated. However, other than their capacity to bite, they are not generally considered a threat to humans.

None-the-less, baseless rumours about the dangers of camel spiders still persist. Even the US Department of Defence has debunked the rumours:

Camel Spiders have spawned many rumors within the military over decades of service in the Middle East. However, the majority of these stories are untrue. Camel Spiders, which are not actually spiders at all, belong to the family Solifugae. They are not dangerous to humans and pose no threat to camels, either. Their bite can be painful, due to the animal’s large chelicerae, which are used to crush and chew smaller arthropods such as spiders and scorpions, but they have no ‘paralytic venom,’ as some rumors suggest.

National Geographic has also denounced the email message and photograph as a hoax:

In fact, the creatures in the photo aren't spiders at all. They're actually solpugids, or solifugids (aka camel spiders, aka wind scorpions). Along with spiders, they are members of the class Arachnida.

The eight-legged solifugids have no venom glands, and the largest species is no more than 15 centimeters (6 inches) long with its legs outstretched.

"If any solpugid has anything they can inject, I haven't heard of it," said Rod Crawford, an arachnologist at the Burke Museum in Seattle, Washington.

Crawford has been debunking this and other spider myths for several years. This rumor, he said, spread to Western countries during the 1990-91 Gulf War and has now reemerged and become even more widespread with the return of U.S. troops to Iraq.

The size of the specimens depicted in the photograph appears to be much larger than is normal for camel spiders. However, photographs can be deceptive - either accidentally or deliberately. A closer examination of the photograph suggests that the apparent gigantic size of the camel spiders is most probably just a trick of perspective. Assuming that the soldier's hand and the vertically dangling camel spiders are at approximately the same distance from the camera, we can use the size of the palm to calculate the actual size of the top solifugid's body. This comparison indicates that the specimen is actually well within the known size range for camel spiders. The following images, cropped from the original photograph, should make this comparison clearer:

Body of top camel spider

The solder's palm

The amount of space between the soldier's wrist and the bottom of his shirt cuff can also be use as a reference to calculate the actual size of the camel spiders. A US Army CHPPM publication about camel spiders also concludes that the creatures depicted in the photograph are not as large as they look:

Myth vs.Measurement – Reports that Middle Eastern solifugids can grow to be the size of a dinner plate are not based on fact. Photographs purporting to show such solifugids are tricks of false perspective. In reality, solifugids in the region only reach a maximum length of around 2 inches (5 cm), and most are only about half as long.

Thus, although camel spiders are frightening in appearance and may bite humans, they are not the horrifically dangerous creatures depicted in these messages.

References:
Spider Myths: Horrors of the desert
Camel Spiders Just the Facts
Wildlife Awareness Needed with Summer Heat
Camel Spiders: Behind an E-Mail Sensation From Iraq

An example of the hoax email:

From someone stationed in Baghdad. He was recently bitten by a camel spider which was hiding in his sleeping bag. I thought you'd like to see what a camel spider looks like. It'll give you a better idea of what our troops are dealing with. Enclosed is a picture of his friend holding up two spiders. Warning: not for the squeamish!

This picture is a perfect example of why you don't want to go to the desert. These are 2 of the biggest I've ever seen. With a vertical leap that would make a pro basketball player weep with envy (they have to be able to jump up on to a camels stomach after all), they latch on and inject you with a local anesthesia so you can't feel it feeding on you. They eat flesh, not just suck out your juices like a normal spider. I'm gona be having night mares after seeing this photo!

[Click image for full size view]

[TOP]

Virus Report: Weekly Virus Wrap-Up

W32.Netsky.U@mm is yet another variant of Netsky that can carry out Denial of Service (DoS) attacks on specific websites and contains backdoor functionality.

W32.Tunk.A arrives as an attachment to an email with the following characteristics:
Subject: MyFriend,How are you?
Message body: Please See The Attachment (Important)!

This virus may stop infected computers from restarting from May 2004.

MP3Concept is unusual in that it is specifically targeted at the Mac OS X platform rather than long-suffering Windows users. This is a proof-of-concept Trojan, and does not contain a destructive payload. It is a minor threat, even if you *do* run a Mac system. I include it here, simply for the novelty of writing about a virus that doesn't target the Windows OS (grin).

[TOP]

Pepsi Can Hoax Email

The email forward reproduced below calls for a boycott of the Pepsi Company on the grounds that they are unpatriotic and anti-Christian. It claims that a new "patriotic can" that is to be released has the Pledge of Allegiance on it but omits the words "Under God." Naturally, such a can might be somewhat offensive to patriotic US citizens, especially those that are Christians - perhaps offensive enough for them to forgo purchasing Pepsi in protest.

The problem here is that the claim is completely untrue. Pepsi has no plans for such a can, nor has it ever produced a can that features the Pledge of Allegiance, complete or abridged. It is therefore not surprising that in spite of the fact that the email has been circulating for around two years, the alleged Pledge of Allegiance can has not yet made an appearance.

This pointless rumour apparently arose from a similar email bourn protest surrounding patriotic packaging used by another drink manufacturer, Dr Pepper. The Dr Pepper packaging featured just a few words from the Pledge of Allegiance and "Under God" was not amoung them. However, it is highly improbable that Dr Pepper intended the omission of "Under God" as a political or anti-Christian message. Dr Pepper/Seven Up's statement on the issue.

In any case, Pepsi is in no way affiliated with Dr Pepper and this email rumour is a ridiculous waste of bandwidth

Pepsi has information about the hoax on its website.

Subject: New Pepsi Can

Pepsi has a new patriotic can coming out with pictures of the Empire State Bldg. and the Pledge of Allegiance on them. But Pepsi forgot two little words on the pledge, "Under God." Pepsi said they did not want to offend anyone.

If this is true then we do not want to offend anyone at the Pepsi corporate office. If we do not buy any Pepsi product then they will not receive any of our monies. Our money after all does have the words "Under God" on it.

Please pass this word to everyone you know. Tell your Sunday School class tomorrow and tell your Pastors so that they can tell the whole congregation.

Christians stand up and let your voices be heard.

We want the words "under God" to be read by every person who buys a can.

[TOP]

Feedback from Site Visitors

Each week a growing number of site visitors have been good enough to submit examples of hoax or scam emails they have received. If you receive a hoax or scam email, I would appreciate it if you would send me a copy.

A site visitor received the following email, although he never ordered anything from the "company", nor was his credit card billed as stated. Although I can't be sure on the status of this email, it would appear to be a typical phisher scam email. The intention is probably to trick recipients into clicking on one of the links to cancel or query the supposed transaction. I believe the links would have lead to a website that requested the visitor to enter credit card details in order to "cancel" the transaction. Instead of cancelling a non-existent transaction, this would have sent credit card details directly to the scammers. The links in the email no longer work.

I'm wondering if any readers have received a similar email recently?

Thank you for your order.
The payment has been sent successfully
Your order would be shipped during next two days by USPS Red mail.

Your credit card is billed for $117.99 by "Goretex Liquor Store".
To track your order delievery use this link:
[LINK REMOVED]
To cancel your order delievery or order more use:
[LINK REMOVED]

The UPS Uniform email hoax appears to be having another run I've received several examples this week.

I've also received a number of Nigerian and Lottery scam examples. Thanks for your submissions. Keep em coming! :)

[TOP]

New Feature - Tip of the Week: Belarc Advisor

Tip of the Week will feature computer tips, tricks and tweaks as well as useful freeware downloads.

The Belarc Advisor is a very useful freeware program that generates a detailed report of the hardware and software on your computer. The list includes MS hotfixes and lets you know if any of these require reinstalling. It also lists software licence numbers including the Windows Product Key. The report is displayed in your browser and is clearly formatted to ease understanding.

You can print out the report for future reference. Such a report may be an invaluable document if you encounter major computer problems. Having a detailed profile of your computer could certainly help you effectively communicate with tech support operators if the need arises.

The Belarc website specifies the following system requirements:

Operating Systems:
Windows 95/98/Me, NT 4, Windows 2000, XP and Windows Server 2003.

Browsers:
Requires IE 3 or Netscape 3, and higher versions. Also runs on Opera.

The Belarc Advisor is free for personal use only. You can download the program here.

[TOP]