Skip Maine state header navigation
A Publication Featuring The Information
Services Technology of Maine State Government
| Volume VI, Issue 6 | June 2003 |
|
|
By Bob Witham
There seems to be an upswing in the number of "virus warnings" being floated around the Internet via e-mail recently. Such warnings seem to abound during high stress times such as now. Please be aware that such warnings are likely hoaxes, and not viruses at all. Similarly, it is likely that a great deal of misinformation regarding terrorist activities will be circulated as well.
One recent example of a virus hoax is the jdbgmgr.exe hoax or "Teddy bear" hoax which warns that the program jdbgmgr.exe is a virus that "even McAfee and Norton cannot detect" and is "the worst ever" virus. The truth of this hoax is that jdbgmgr.exe is the Java Debug Manager program shipped as part of the Windows 2000, Windows NT, and Windows XP operating systems. If you list the program under Windows Explorer, the program icon shows up as a teddy bear. This originally played on people’s fears of the Bugbear virus of a year ago. Hoaxes such as this one seem to recycle around the Internet periodically. In fact, Jdbgmgr.exe hoax first came out in April 2002.
Legitimate virus warnings are sent out by the State Security Analyst and distributed to employees through the agency Technical Coordinators and agency IT managers. If you receive a virus warning from any other source, forward it on to your agency technical coordinator or IT manager. Do not forward any virus warning outside of Maine State Government. If you receive a warning from outside of Maine State government, forward it to your agency technical coordinator or IT manager only.
During these stressful times, be wary of any warnings you receive via e-mail that do not come from authoritative Maine State Government sources. Authoritative sources for Maine State Government include: the Governor, your commissioner, your bureau director, your IT manager, your technical coordinator, and the BIS information systems security analyst.
"How to spot an e-mail hoax" below is taken from the Urban Legends website at:
<http://urbanlegends.about.com/library/howto/hthoax.htm?once=true&>
Note whether the text was actually written by the person who sent it to you. If not, be skeptical.
Look for the telltale phrase, "Forward this to everyone you know."
Look for statements like "This is not a hoax" or "This is not an urban legend." They usually mean the opposite of what they say.
Look for overly emphatic language, the frequent use of UPPERCASE LETTERS and multiple exclamation points!!!!!!!
If the message seems geared more to persuade than to inform, be suspicious. Hoaxers are out to push emotional buttons.
If the message purports to give you extremely important information that you've never heard of before or seen elsewhere in legitimate sources, be suspicious.
Read carefully and think critically about what the message says, looking for logical inconsistencies, violations of common sense and obviously false claims.
Look for subtle or not-so-subtle jokes, indications that the author is pulling your leg.
Check for references to outside sources. Hoaxes will not typically name any, nor link to Websites with corroborating information.
Check to see if the message has been debunked by Websites that cover
Internet hoaxes (see below).
Tips:
Virtually any chain e-mail you receive (i.e., any message forwarded multiple times) is more likely to be false than true. Be skeptical.
Hoaxers usually try every means available to make their lies believable -- e.g., mimicking a journalistic style, attributing the text to a "legitimate" source, etc.
Be especially wary of health-related rumors. Most importantly, never act on such rumors without first verifying their accuracy with your doctor or other reliable source.
Another good source for information on virus hoaxes is Rob Rosenberger’s Vmyth website at: <http://www.vmyths.com/> . A good source for information on hoaxes in general is the Urban Legends website at: <http://urbanlegends.about.com/library/blhoax.htm> .
Questions? Contact BIS Security Analyst Bob Witham by e-mailing Robert.L.Witham.Jr@maine.gov.
