January 3, 2003 7:02 AM PST
Fooled again: Virus hoaxes persist
- Related Stories
Hoax tells people to nix Windows fileMay 16, 2002
Virus watchers seek to mute MP3 hoaxJune 29, 2001
"AOL virus" joke fooling someJune 8, 2001
Real virus piggybacks on e-mail hoaxJune 4, 2001
Duped by worm hoax, victims seek file fixMay 31, 2001
Security group going to the dogs after hoax alertJuly 12, 2000
Fueled by concern over genuine threats such as Klez, Bugbear and Magistr,
Anti-virus firm Sophos released details of its latest top 10 virus hoaxes on Thursday. These hoaxes typically warn the reader not to open an e-mail with a certain subject line, or to immediately delete a particular file on their hard drive because they contain a virus. They will also tell the reader to forward the warning to their friends and colleagues.
Topping the pile in December, for the eighth successive month, was an e-mail that urged users to delete a legitimate file called jdbgmgr.exe from their machine. The original version of this hoax claims that this file is a virus spread by MSN Messenger, while a later version claims that deleting it will remove the Bugbear-A worm from a system.
Both claims are false, and antivirus experts believe the connection with Bugbear came about because the icon of jdbgmgr.exe is a small, gray teddy bear.
The jdbgmgr.exe e-mail made up 13.7 percent of all hoaxes reported to Sophos in December.
Most of the other popular hoaxes were false warnings about certain e-mails or programs, which they claimed were actually viruses.
These included a claim that a screensaver based on the Budweiser Frogs was actually a dangerous virus, and another alleging that an e-mail with the subject line "A virtual card for you" contained a virus that will "permanently destroy a hard disk" when opened.
A similar e-mail claimed that a bowling game in which elves were used in place of bowling pins contained a virus that would strike on Christmas Day.
Even though such hoaxes didn't encourage the reader to delete files from their machine, they are harmful because--by urging that they should be distributed to as many people as possible--they waste both time and bandwidth.
Even though all the major antivirus companies include information on such hoaxes on their Web sites, people continue to fall for them.
At No. 6 on the Sophos list is an e-mail that claimed Microsoft was conducting an audit of Hotmail users and that anyone who failed to forward the e-mail on to other Hotmail accounts would see their own account deactivated, as Microsoft would conclude that it was no longer in use. This e-mail was identified as being deceptive as far back as summer 2001, but it appears many people still haven't got the message about this hoax, or indeed many others.
"The jdbgmgr hoax has been at the top of the myth list for eight months and shows no signs of subsiding," Graham Cluley, senior technology consultant at Sophos said in a statement. "The seasonal elf-bowling hoax about a joke program which shows Santa Claus playing ten-pin bowling with elves made a reappearance after a full year away," Cluley added.
ZDNet UK's Graeme Wearden reported from London.