Monday, Nov. 08, 1999

Don't Be E-Hoaxed

By Chris Taylor

I can stand Spam. The unsolicited junk e-mail that pours into my In box at the rate of a couple of hundred a day doesn't bother me much. You can pretty much blank it out by not opening those enticing messages with titles like "chance of a lifetime!" or "hot naked co-eds!" What I can't stand is chain mail and hoaxes, because they tend to come from friends. And it's tough telling friends they've been had, especially in front of all the other folks who were copied on the message.

In fact, I ought to save a lot of people embarrassment right now by stating the following: there is no "Good Times" virus. Microsoft and AOL are not "teaming up" to conduct any kind of survey. The Postal Service is not about to charge 5¢ for every e-mail. Deodorants do not cause breast cancer. M&M's will not give you free candy, nor will the Gap send you a free pair of jeans, nor will Honda drive a brand-new Civic to your front door if you pass on "their" messages.

You may laugh. But the anonymous pranksters behind these and hundreds of other hoax mailings are getting quite astute about what we will and won't fall for. And sometimes their intentions aren't merely to spread confusion or show our gullibility.

Take the case of Joanne Holderman, a smart, fiftysomething community volunteer and AOL user in Santa Barbara, Calif. Last month she received mail from an official-looking AOL address offering a month's free service to make up for recent difficulties with her phone line. All she had to do was "log on"--that is, reply with her username and password. She duly did so. The next weekend she started getting angry notes from strangers, demanding that she stop sending them pornography.

The first e-mail, of course, had not come from AOL HQ. Some enterprising (and cowardly) porn-site operator had been looking for an AOL account to "bounce" his spam mailings out of--in this case, 1,700 of them. Once someone has your password, it's child's play for him to pass out, under your name, anything he wants. Sending a fake e-mail to elicit the necessary information is called password fishing, and Holderman is by no means the first to fall for it. Remember, the Melissa virus was first sent from an unsuspecting AOL user's account. And there is never any reason to give your AOL password to anyone. Not even Steve Case.

But advanced hoaxsters don't just fish. A recent spate of e-mails claiming to be from Microsoft tell Windows users that to update their system for Y2K, they need to download a patch attached to the mail. I needn't tell you how dangerous it can be to open attachments in suspicious-looking e-mail--again, this is how Melissa started.

Bottom line: no matter how official an e-mail looks, be wary. Check the company's website--many firms like Microsoft and Honda debunk myths on their home pages. Personally, I take note of spelling and grammar in suspect mail. Hoax authors do not appear to be the biggest fans of dictionaries.

Once you've nailed a hoax, don't just sit on it. Forward the mail you got to a wonderful little site, hoaxcheck@hoaxkill.com. It not only lists the most common hoaxes out there but also automatically warns everyone who received the same mail not to pass it on. Which should take the pain and embarrassment out of telling your friends what dummies they are.

For more on e-mail hoaxes and chain letters, check out timedigital.com. Questions for Chris? E-mail him at cdt@well.com.