If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
US-CERT Cyber Security Tip ST04-009 -- Identifying Hoaxes and UrbanLegends
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cyber Security Tip ST04-009 Identifying Hoaxes and Urban Legends Chain letters are familiar to anyone with an email account, whether they are sent by strangers or well-intentioned friends or family members. Try to verify the information before following any instructions or passing the message along. Why are chain letters a problem? The most serious problem is from chain letters that mask viruses or other malicious activity. But even the ones that seem harmless may have negative repercussions if you forward them: * they consume bandwidth or space within the recipient's inbox * you force people you know to waste time sifting through the messages and possibly taking time to verify the information * you are spreading hype and, often, unnecessary fear and paranoia What are some types of chain letters? There are two main types of chain letters: * Hoaxes - Hoaxes attempt to trick or defraud users. A hoax could be malicious, instructing users to delete a file necessary to the operating system by claiming it is a virus. It could also be a scam that convinces users to send money or personal information. Phishing attacks could fall into this category (see Avoiding Social Engineering and Phishing Attacks for more information). * Urban legends - Urban legends are designed to be redistributed and usually warn users of a threat or claim to be notifying them of important or urgent information. Another common form are the emails that promise users monetary rewards for forwarding the message or suggest that they are signing something that will be submitted to a particular group. Urban legends usually have no negative effect aside from wasted bandwidth and time. How can you tell if the email is a hoax or urban legend? Some messages are more suspicious than others, but be especially cautious if the message has any of the characteristics listed below. These characteristics are just guidelines—not every hoax or urban legend has these attributes, and some legitimate messages may have some of these characteristics: * it suggests tragic consequences for not performing some action * it promises money or gift certificates for performing some action * it offers instructions or attachments claiming to protect you from a virus that is undetected by anti-virus software * it claims it's not a hoax * there are multiple spelling or grammatical errors, or the logic is contradictory * there is a statement urging you to forward the message * it has already been forwarded multiple times (evident from the trail of email headers in the body of the message) If you want to check the validity of an email, there are some websites that provide information about hoaxes and urban legends: * Urban Legends and Folklore - http://urbanlegends.about.com/ * Urban Legends Reference Pages - http://www.snopes.com/ * TruthOrFiction.com - http://www.truthorfiction.com/ * Symantec Security Response Hoaxes - http://www.symantec.com/avcenter/hoax.html * McAfee Security Virus Hoaxes - http://vil.mcafee.com/hoax.asp __________________________________________________ _______________ Authors: Mindi McDowell, Allen Householder __________________________________________________ _______________ Produced 2004 by US-CERT, a government organization. Last updated August 25, 2009. Note: This tip was previously published and is being re-distributed to increase awareness. Terms of use http//www.us-cert.gov/legal.html This document can also be found at http//www.us-cert.gov/cas/tips/ST04-009.html For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBSpVpG3IHljM+H4irAQJi6ggAqgPzvqJ+Rx7r3UpZEy qdVVyOS0GJ8N1Q EDUljmu3xJKD7N6E+k0FQ59gs72BnMuk10VDEiSg1siR8ElVxg YmIpd1m0CFYx8Q aLEFGZvoJ8IiSYUtiGVAFEGPkfYygIB2Ql5JmzYW8dokuK/7+UT8uFAXoeBTs9JZ nPYPWMgjvA5IlsimDyAPeprNIsycw06qEgUjJJO/bm/1fRq1LD+l3LYL3AKhrZUo XtjZJDkG2i6m9c20ApnMotfMKJ2/6xFpiUwHRp1JqgqmXSA7LIDd6pygMmYiZTHQ 0p7rUEcKMaZ9AdBpEL2jB/AE0O5lO9K/0O26r4rqgc/Eh2A06b/xoQ== =EYAk -----END PGP SIGNATURE----- |
#2
|
|||
|
|||
US-CERT Cyber Security Tip ST04-009 -- Identifying Hoaxes andUrbanLegends
MEB wrote:
Cyber Security Tip ST04-009 Identifying Hoaxes and Urban Legends Urban legends usually have no negative effect aside from wasted bandwidth and time. As usual, MEB's post was a waste of time and bandwidth. Off-topic for Windows 98. Why don't you post this in one of these microsoft groups: microsoft.public.security.virus microsoft.public.security.homeusers microsoft.public.windowsxp.general Why do you insist on posting these off-topic CERT publications here? If you're truly genuine and want to alert the world of these threats, why don't you do it in a more applicable forum, and one that reaches more people? The truth is that your security warnings are fit only for posting to this newsgroup: microsoft.public.mom.security Why don't you go and hang out with moms? At least you can impress that crowd with your fake knowledge and gonzo-legal speak. |
#3
|
|||
|
|||
US-CERT Cyber Security Tip ST04-009 -- Identifying Hoaxes andUrbanLegends
MEB wrote:
Cyber Security Tip ST04-009 Identifying Hoaxes and Urban Legends Urban legends usually have no negative effect aside from wasted bandwidth and time. As usual, MEB's post was a waste of time and bandwidth. Off-topic for Windows 98. Why don't you post this in one of these microsoft groups: microsoft.public.security.virus microsoft.public.security.homeusers microsoft.public.windowsxp.general Why do you insist on posting these off-topic CERT publications here? If you're truly genuine and want to alert the world of these threats, why don't you do it in a more applicable forum, and one that reaches more people? The truth is that your security warnings are fit only for posting to this newsgroup: microsoft.public.mom.security Why don't you go and hang out with moms? At least you can impress that crowd with your fake knowledge and gonzo-legal speak. |
#4
|
|||
|
|||
US-CERT Cyber Security Tip ST04-009 -- Identifying Hoaxes andUrbanLegends
98 Guy wrote:
MEB wrote: Cyber Security Tip ST04-009 Identifying Hoaxes and Urban Legends Urban legends usually have no negative effect aside from wasted bandwidth and time. As usual, MEB's post was a waste of time and bandwidth. Off-topic for Windows 98. Why don't you post this in one of these microsoft groups: microsoft.public.security.virus microsoft.public.security.homeusers microsoft.public.windowsxp.general Why do you insist on posting these off-topic CERT publications here? If you're truly genuine and want to alert the world of these threats, why don't you do it in a more applicable forum, and one that reaches more people? The truth is that your security warnings are fit only for posting to this newsgroup: microsoft.public.mom.security Why don't you go and hang out with moms? At least you can impress that crowd with your fake knowledge and gonzo-legal speak. Really, so, according to you, 9X users no longer receive email,,, yeah, you continually show how *dim a bulb* you really are... -- MEB Windows Networking, Diagnostics, and other materials http://peoplescounsel.org/ref/windows-main.htm The "real world" of Law, Justice, and government http://peoplescounsel.org ------- |
#5
|
|||
|
|||
US-CERT Cyber Security Tip ST04-009 -- Identifying Hoaxes andUrbanLegends
98 Guy wrote:
MEB wrote: Cyber Security Tip ST04-009 Identifying Hoaxes and Urban Legends Urban legends usually have no negative effect aside from wasted bandwidth and time. As usual, MEB's post was a waste of time and bandwidth. Off-topic for Windows 98. Why don't you post this in one of these microsoft groups: microsoft.public.security.virus microsoft.public.security.homeusers microsoft.public.windowsxp.general Why do you insist on posting these off-topic CERT publications here? If you're truly genuine and want to alert the world of these threats, why don't you do it in a more applicable forum, and one that reaches more people? The truth is that your security warnings are fit only for posting to this newsgroup: microsoft.public.mom.security Why don't you go and hang out with moms? At least you can impress that crowd with your fake knowledge and gonzo-legal speak. Really, so, according to you, 9X users no longer receive email,,, yeah, you continually show how *dim a bulb* you really are... -- MEB Windows Networking, Diagnostics, and other materials http://peoplescounsel.org/ref/windows-main.htm The "real world" of Law, Justice, and government http://peoplescounsel.org ------- |
#6
|
|||
|
|||
US-CERT Cyber Security Tip ST04-009 -- Identifying HoaxesandUrbanLegends
MEB wrote:
The truth is that your security warnings are fit only for posting to this newsgroup: microsoft.public.mom.security Really, so, according to you, 9X users no longer receive email,,, yeah, you continually show how *dim a bulb* you really are... Win 9x users also drive cars. Does that mean I should post auto recall notices here too? You are the dim bulb. There are newsgroups (yes, even microsoft newsgroups) that pertain to security. Why would it not be more appropriate to post those CERT warnings there? You should post them there, and then advocate that win-9x users also read those security groups. Why don't you do that? Why do you care only about win-9x users? Don't you want XP users to also know about those CERT warnings? Why don't you also post them to the XP-related groups? |
#7
|
|||
|
|||
US-CERT Cyber Security Tip ST04-009 -- Identifying HoaxesandUrbanLegends
MEB wrote:
The truth is that your security warnings are fit only for posting to this newsgroup: microsoft.public.mom.security Really, so, according to you, 9X users no longer receive email,,, yeah, you continually show how *dim a bulb* you really are... Win 9x users also drive cars. Does that mean I should post auto recall notices here too? You are the dim bulb. There are newsgroups (yes, even microsoft newsgroups) that pertain to security. Why would it not be more appropriate to post those CERT warnings there? You should post them there, and then advocate that win-9x users also read those security groups. Why don't you do that? Why do you care only about win-9x users? Don't you want XP users to also know about those CERT warnings? Why don't you also post them to the XP-related groups? |
#8
|
|||
|
|||
US-CERT Cyber Security Tip ST04-009 -- Identifying HoaxesandUrbanLegends
98 Guy wrote:
MEB wrote: The truth is that your security warnings are fit only for posting to this newsgroup: microsoft.public.mom.security Really, so, according to you, 9X users no longer receive email,,, yeah, you continually show how *dim a bulb* you really are... Win 9x users also drive cars. Does that mean I should post auto recall notices here too? You are the dim bulb. There are newsgroups (yes, even microsoft newsgroups) that pertain to security. Why would it not be more appropriate to post those CERT warnings there? You should post them there, and then advocate that win-9x users also read those security groups. Why don't you do that? Why do you care only about win-9x users? Don't you want XP users to also know about those CERT warnings? Why don't you also post them to the XP-related groups? I owe no users of XP, VISTA, or other Microsoft products, any form of help or otherwise, I have never suggested or advised of their usage. I need post no where else, it is a matter of my personal choice. Still trying to tell us what we can post and where huh,,, do you think ANYONE ANYWHERE cares what you think or want... here you are, ONCE AGAIN, posting drivel into an advisement of value to 9X users.... -- MEB Windows Networking, Diagnostics, and other materials http://peoplescounsel.org/ref/windows-main.htm The "real world" of Law, Justice, and government http://peoplescounsel.org ------- |
#9
|
|||
|
|||
US-CERT Cyber Security Tip ST04-009 -- Identifying HoaxesandUrbanLegends
98 Guy wrote:
MEB wrote: The truth is that your security warnings are fit only for posting to this newsgroup: microsoft.public.mom.security Really, so, according to you, 9X users no longer receive email,,, yeah, you continually show how *dim a bulb* you really are... Win 9x users also drive cars. Does that mean I should post auto recall notices here too? You are the dim bulb. There are newsgroups (yes, even microsoft newsgroups) that pertain to security. Why would it not be more appropriate to post those CERT warnings there? You should post them there, and then advocate that win-9x users also read those security groups. Why don't you do that? Why do you care only about win-9x users? Don't you want XP users to also know about those CERT warnings? Why don't you also post them to the XP-related groups? I owe no users of XP, VISTA, or other Microsoft products, any form of help or otherwise, I have never suggested or advised of their usage. I need post no where else, it is a matter of my personal choice. Still trying to tell us what we can post and where huh,,, do you think ANYONE ANYWHERE cares what you think or want... here you are, ONCE AGAIN, posting drivel into an advisement of value to 9X users.... -- MEB Windows Networking, Diagnostics, and other materials http://peoplescounsel.org/ref/windows-main.htm The "real world" of Law, Justice, and government http://peoplescounsel.org ------- |
#10
|
|||
|
|||
US-CERT Cyber Security Tip ST04-009 -- Identifying HoaxesandUrbanLegends
MEB wrote:
Why do you care only about win-9x users? Don't you want XP users to also know about those CERT warnings? Why don't you also post them to the XP-related groups? I owe no users of XP, VISTA, or other Microsoft products, any form of help or otherwise, I never implied that you *owed* help to anyone. But nonetheless you do post material here that passes as your version of help. If these cert warnings are not a form of help - then what are they? I have never suggested or advised of their usage. Suggestions of their usage was, again, never indicated by my questions. When I asked you why you post these cert warnings here, to a win-98 group, and not to a security-focused group or even an XP-focused group, your response that you don't "suggest or advise of their usage" (XP, vista, etc) was immaterial to my question. I need post no where else, it is a matter of my personal choice. Why do you need post at all? And why post these cert warnings in a manner that violates established protocal? A protocal was created by establishing a set of microsoft discussion groups, each for the purpose of discussing specific topics. Your posts of these cert warnings does not meet the criteria for a windows-98-centric post. And still you haven't answered the question - why do you single out a windows-98 group for these posts? If your intentions are genuine, then the largest audience for them is either one (or several) security-related groups, or one (or more) XP-related groups. Still trying to tell us what we can post and where huh I'm asking you to explain your logic why you post those cert warnings here. I provided a logical argument why they should be posted to other groups. Your retort was that it's your personal choice - which indicates that you can't defend your reasons in any rational, logical way. do you think ANYONE ANYWHERE cares what you think or want... Ah, so we're back to this again. You never did respond to my observation that it must be important to you if or how other people care about you. here you are, ONCE AGAIN, posting drivel into an advisement of value to 9X users.... Does it upset you that I am devaluing your material? Is it important to you that others respect you and see your posts as valuable? |
|
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
yet another - US-CERT Technical Cyber Security Alert TA09-051A -- Adobe Acrobat and Reader Vulnerability | MEB[_16_] | General | 82 | February 28th 09 10:18 AM |
US-CERT Technical Cyber Security Alert TA08-319A -- Mozilla Updates for Multiple Vulnerabilities | MEB[_2_] | General | 0 | November 15th 08 10:12 AM |
US-CERT Technical Cyber Security Alert TA08-309A -- Adobe Reader and Acrobat Vulnerabilities | MEB[_2_] | General | 5 | November 9th 08 01:57 AM |
US-CERT Technical Cyber Security Alert TA08-309A -- Adobe Reader and Acrobat Vulnerabilities | MEB[_2_] | Disk Drives | 0 | November 5th 08 06:12 AM |
US-CERT Cyber Security Tip | MEB[_2_] | General | 0 | May 14th 08 07:22 PM |