Bugs and Fixes: How to Spot Virus Hoaxes a Mile Off

A tech-savvy friend recently forwarded an e-mail message to me, warning of a PC virus that antivirus software couldn't detect. The alert said that his PC had been infected and that the virus had already sent itself to everyone in his address book, including me. The virus would lie dormant for two weeks "before damaging the system."

Yow! My friend's message identified jdbgmgr.exe as the infected file and told me to delete it. Bad idea. The executable file in question is actually built into Windows. If you delete it, then some Web sites that rely on Java won't work properly. My friend had fallen for a recent virus hoax.

It's just one of many virus hoaxes making the rounds these days--and they're not going away. In fact, most new hoaxes are merely older ones that have been modified and put back into circulation. In this way, virtually all hoaxes stick around for years. For details about the latest hoaxes, check out McAfee.com's alerts page or see Symantec's list.

Meanwhile, have you been getting some unusual alerts lately? Here are some tips on how to identify virus hoaxes:

1. Detect the undetectable. Beware of warnings that claim a virus is undetectable. In general, if you keep your antivirus software up-to-date, your system will nab the latest viruses.
   
   
2. Study the subject. If the e-mail message's subject line includes words such as "Urgent," "Warning," or even "Virus Alert," it's often a good indication that you're dealing with a hoax. Read the e-mail message with great skepticism, not great urgency.
   
   
3. Beware of tech talk. Look out for pseudo-technical discussions on the dangers of the virus. Some hoax messages include pure gobbledygook.
   
   
4. Check the sources. To create an aura of credibility, a hoax often quotes a well-known company or agency, such as Microsoft, the Federal Communications Commission, or an antivirus company. Check the Web sites of the sources quoted (or see your antivirus vendor's site). Remember also that Microsoft never posts virus alerts via e-mail.
   
   
5. Scrutinize the instructions. Beware of messages that insist you delete a file manually. True, at times you should do so, but in the context of the other tip-offs, this instruction should raise a red flag.
   
   
6. Don't spread the word. False alerts always urge you to tell everyone you know. Genuine alerts never do. Ignore the instructions, delete the message, and don't alarm everyone on your mailing list.