Issue 22 - Hoax-Slayer Newsletter
Issue 22: 7th May, 2004
This week in Hoax-Slayer:
Swiffer Wetjet Pet Death Rumour
A new "warning" email hitting inboxes this week claims that the
cleaning product Swiffer Wetjet can lead to the death of your
household pets. However, the claims in the rumour are completely
unsubstantiated. The product does not contain anti-freeze or any
similar substance that could cause liver failure in animals. A
safety warning in the Swiffer Wetjet users guide admonishes uses
to "AVOID ACCIDENTS: KEEP OUT OF REACH OF CHILDREN AND PETS".
However, such warnings are present on many cleaning products and
do not in any way imply that animals (or children) could be harmed
by licking residue left after use. Also, the company has the
following information in the "Questions and Answers" section of
Is Swiffer safe for animals? What if my pet licks the floor?
Great news for you and your pets! Swiffer Wet and Swiffer WetJet
are specially designed to not leave a residue on the floor, so
there's no need to rinse. We suggest you make sure the floor is
completely dry before letting your pet walk on it, though,
because wet floors can be slippery. Since there isn't a residue,
there are no problems if your pet licks the floor.
No more worrying about the owner of those muddy paw prints. You
can enjoy the convenience of our Swiffer products without any
worries for your pet's safety.
The company has responded to this email rumour
by posting the
following information on its website:
Are the ingredients safe?
We're glad you came to us for the facts about Swiffer WetJet.
All our products have been evaluated by internal and external
veterinarians and scientists, and Swiffer WetJet and Swiffer
Wet cloths are safe to use around pets. Let us assure you,
this rumor is completely false. Our Wet cloths and WetJet
liquid solution cleaners do not contain antifreeze or any
ingredient similar to it.
We have pets too and their health is very important to us.
We hope you'll help us put an end to this rumor by letting
others know the truth.
In any case the email lacks credibility in that it does not
include names, places, or indeed, any way of verifying its
spurious claims. If animals were really dying as a result of
this product, its safe to assume that the information would
be included in legitimate news articles and the relevant
health authorities would be investigating the matter
Subject: Warning for your animal's health--
I recently had a neighbor who had to have their 5-year old
German Shepherd dog put down due to liver failure. The dog was
completely healthy until a few weeks ago, so they had a necropsy
done to see what the cause was. The liver levels were unbelievable,
as if the dog had ingested poison of some kind. The dog is kept
inside, and when he's outside, someone's with him, so the idea of
him getting into something unknown was hard to believe. My neighbor
started going through all the items in the house. When he got to
the Swiffer Wetjet, he noticed, in very tiny print, a warning which
stated "may be harmful to small children and animals." He called
the company to ask what the contents of the cleaning agent are and
was astounded to find out that anitfreeze is one of the ingredients.
(actually he was told it's a compound which is one molecule away from
anitfreeze). Therefore, just by the dog walking on the floor cleaned
with the solution, then licking it's own paws, and the dog eating
from its dishes which were kept on the kitchen floor cleaned with
this product, it ingested enough of the solution to destroy its
liver. Soon after his dog's death, his housekeepers' two cats also
died of liver failure. They both used the Swiffer Wetjet for quick
cleanups on their floors. Necropsies weren't done on the cats, so
they couldn't file a lawsuit, but he asked that we spread the word
to as many people as possible so they don't lose their animals.
Sasser Worm Generating Havoc
The Sasser worm and its variants are currently generating havoc
across the Internet. Many businesses and organizations have been
badly hit and the damage continues to grow. Unlike other worms
that propagate via email, Sasser spreads by scanning randomly
selected IP addresses for unpatched systems that are vulnerable to
the worm. In other words, simply connecting to the Internet can
infect your computer.
Sasser exploits the LSASS vulnerability in Windows 2000 and Windows
XP systems. Although the worm cannot infect Windows 9x systems,
it can still run on them and thereby infect other vulnerable
In order to protect your computer from Sasser it is necessary to
enable a firewall and ensure that the required update is
downloaded and installed. You should also check that the worm is
not already present on your system.
For detailed information about combating the Sasser worm, please
access the following Internet resources:
What You Should Know About the Sasser Worm and Its Variants
Mikes VirusInfo - Sasser worm
Symantec W32.Sasser Removal Tool
In order to minimize the potential damage caused by this worm, it
is important that all
responsible computer users take steps to
protect their systems. Also, if you are in a position to help a
less experienced friend to protect her or his system, please take
the time to do so.
IRS Phisher Scam
The U.S. Department of the Treasury and the Internal Revenue
Service have issued a warning to US citizens about a phisher scam
that tries to trick recipients into submitting sensitive personal
information. Emails, supposedly from the IRS, inform recipients
that they are under investigation for alleged tax fraud.
Recipients are instructed to visit a website and provide personal
information in order to help the investigation and dispute the
charge. However, the charges outlined in the scam email are
imaginary and the link provided leads to a bogus web site
designed to resemble an official government site. Victims who
fall for the ruse may inadvertently hand over banking and credit
card information and social security numbers to the scammers via
a form on the bogus website.
The IRS would never discuss an individual's taxation details via
email. Any email from a government department or financial
institution that asks you to provide sensitive information
should be held suspect until proven otherwise.
Although the bogus website has now been shut down, similar scam
emails that link to newly created fake websites are likely to
If you are a taxpayer in the US and have received one of these
fraudulent emails you can report them to the Treasury Department
fraud hot line at 1-800-366-4484.
Virus Report: Weekly Virus Wrap-Up
The list below represents some of the most significant new virus
threats identified by Symantec Security Response
over the last
and its variants are a significant threat.
See the article above.
is a worm that uses address that it finds in the MS Outlook address book to spread itself. It also spreads through IRC.
The email carrying the worm has the following characteristics:
This document is interesting
Hi! How are you, i hope all okay. I send you an
attachment that you should see.
ha ha ha ha.doc.exe
scans the infected computer for email addresses and send itself using its own SMTP engine. Subject and attachment names vary, as does the message.
AAAAAAA@a.aaa Virus Control Hoax
The foolish and potentially dangerous hoax shown below has now been circulating for several years. The message claims that putting a bogus email address as the first entry in your address book will thwart attempts by an email worm to propagate itself. According to the message, sending of the worm will be terminated because the first delivery will fail and the user will be alerted of the attempt to send the worm via an error message. This version espouses "AAAAAAA@AAA.AAA" as the bogus address of choice. Other versions extol the virtues of "!000000" as a first address book entry.
Either way, this "trick" is seriously flawed and will do nothing whatsoever to protect you from almost all modern worms. These days, email worms are far too sophisticated to be controlled by such a simple procedure. Very few modern email worms harvest email addresses solely from your email program's address book. Most will scan the entire hard drive of the infected computer for email addresses and are therefore in no way reliant on address book entries. Also, most worms will not send themselves to all addresses at once. They are more likely to send a separately addressed message to each recipient and the addresses may not be used in the same order as they appear in an address book. Thus, a fake first entry address will not stop a worm even if it did send messages from the address book sequentially. The fake address will bounce, but other worm-laden messages will be sent without a problem.
And perhaps most importantly, many worms now use their own SMTP engine to send themselves, which means that they bypass your email program completely. Basically, such a worm comes loaded with everything it needs to establish a connection with a mail server and send itself to any email addresses it has harvested from the infected computer. Since the worm does not use an existing email application, the operator of the infected computer might not even be aware that a worm is propagating itself. Even if some of the worm messages do bounce because of fake or invalid addresses, the user will not receive any sort of error message.
This strategy may have been somewhat effective for the relatively primitive email worms of days gone by. However, these days it is virtually useless. In fact, rather than offer protection against worms, it may even make worm infections more likely. The inherent danger of this hoax is that users who apply this method may relax their guard and neglect viable anti-virus strategies.
The message claims that if "everybody you know does this then you need not ever worry about opening mail from family or friends". However this claim is doubly flawed. As explained above the "trick" is invalid and will not protect you from modern email worms. Moreover, many worms use address spoofing
so that an email may not really be from a friend or family member, even if it appears to have his or her address in the "From:" field.
The only real protection against virus attack is to maintain a secure computing environment, run reliable and up-to-date anti-virus software and employ common sense. If you receive this "tip", please take a moment to let the sender know that it is not a viable method of email worm protection and should not be forwarded.
Email Worm Spoofing - Spoofing Explained
An example of the hoax email:
HOW TO PROTECT YOUR ADDRESS BOOK
I learned a computer trick today that's really ingenious in
its simplicity. I received it from a friend.
As you may know, when/if a worm virus gets into your computer
it heads straight for your e-mail address book, and sends
itself to everyone in there, thus infecting all your friends
and associates. This trick won't keep the virus from getting
into your computer, but it will stop it from using your address
book to spread further, and it will alert you to the fact, that
the worm has gotten into your system.
Here's what you do; first, open your address book and click on
"new contact", just as you would do if you were adding a new
friend to your list of e-mail addresses.
In the window where you would type your friend's first name,
type in "AAAAAAA", Also use address AAAAAAA@a.aaa
Now, Here's what you've done and why it works: The name AAAAAAA
will be placed at the top of your address book as entry #1. This
will be where the worm will start in an effort to send itself to
all your friends. But, when it tries to send itself to AAAAAAA,
it will be undeliverable because of the phony e-mail address you
If the first attempt fails (which it will because of the phony
address), the worm goes no further and your friends will not be
Here's the second great advantage of this method: If an e-mail
cannot be delivered, you will be notified of this in your IN BOX
almost immediately. Hence, if you ever get an e-mail telling you
that an e-mail addressed to AAAAAAA could not be delivered, you
know right away that you have the worm virus in your system. You
can then take steps to get rid of it!
Pretty slick, huh?
If everybody you know does this then you need not ever worry about
opening mail from family or friends.
Tip of the Week: Windows Key Shortcuts
The Windows keys, normally located 2 keys to the left and right of
the space bar, might be more useful then you realize. Once
incorporated into your every day computing style, these shortcuts
can become quite worthwhile time savers.
- Windows Key : Opens Start Menu.
- Windows Key + E : Opens Windows Explorer.
- Windows Key + Pause/Break : Opens System Properties dialog box
- Windows Key + F : Opens Find Files dialog box
- Windows Key + Control + F : Opens Find Computer dialog box
- Windows Key + R : Opens Run command line interface
- Windows Key + M: : Minimize all open windows
- Windows Key + Shift Key + M : Maximize all open windows
- Windows Key + F1 : Displays Windows Help
- Windows Key + Tab : Moves through task bar buttons.: (Key [enter] to open the selected window)
Feedback from Readers and Site Visitors
Each week a growing number of site visitors have been good enough
to submit examples of hoax or scam emails they have received.
If you receive a hoax or scam email, I would appreciate it if you
would send me a copy
Once again a large number of submission this week involve Nigerian
Loan scams and Lottery scams.
A reader submitted a new version of the Xbox hoax from last year,
which reads in part:
Your email address was entered into our Microsoft X-Box promotional
competition by either yourself or a friend, or perhaps a family
member, at http://www.pikoprizo.com
This is a prize draw, you have actually won a brand new Microsoft
X-Box Gaming Console!
I've updated the write-up about this hoax to include the new version. See the
XBox Giveaway Hoax
If you've received this or a similar Xbox hoax I'd appreciate it
if you would send me a copy.
The new Swiffer Pet Death hoax (See story above) has also been
the subject of numerous submissions and enquires.
Popular pages on the Hoax-Slayer site this week include:
Perfume Email Hoax
Crying Baby Hoax
Amazon Rainforest Email Petition
Thanks again for your submissions and keep them coming!
The Hoax_Slayer Newsletter is published by:
All Rights Reserved
©Brett M. Christensen, 2009
Questions or Comments