Common Tasks

Recent Posts

Community

Email Notifications

Personal Links

Archives

Security Protection - Harry Waldron (CS)

Security Best Practices, Breaking News, & Updates

Internet Hoaxes - Best Practice of not forwarding email

Idea As a best practices, always resist the urge to forward unusual email messages to your friends. Controversial email topics serve as "bait" for hoaxes or seeding malware to others. When in doubt, avoid sending these messages to others and research it more thoroughly if desired. If the email asks you to "pass this on to others" it's likely to be a hoax or it has an agenda behind it.

While a hoax may seem innocent, it can alarm your friends. It will certainly waste someone's time in reading or possibly researching the associated claims. Finally when true information is sent out, the recipient may ignore it thinking it's "yet another hoax".


Internet Hoaxes - Popular email myths continue to circulate
http://www.informationweek.com/news/internet/security/showArticle.jhtml?articleID=211300532

QUOTE: These hoaxes use social engineering to trick people into doing what they otherwise wouldn't do," said Patrick Runald, chief security advisor for F-Secure, an Internet security firm. Graham Cluley, a senior security analyst with Sophos, a London-based security vendor, agreed. "The most successful hoaxes have been the ones that people had a real compulsion to forward. These things can't travel unless humans participate. And, unlike anti-virus software, we haven't found a way to upgrade the human brain," said Cluley.

Seven popular and persistant hoaxes circulating in email
1. Save Amanda Bundy
2. Petition to Ban Religious Broadcasting
3. Bill Gates' Millions Giveaway
4. Good Times Virus
5. The Last Tourist
6. Snowball, the Giant Mutant Cat of Ontario
7. Bigfoot Captured!

Snopes - Top 25 Urban Legends
http://www.snopes.com/info/top25uls.asp

Brand New Urban Legends being circulated in email
http://urbanlegends.about.com/od/reference/a/new_uls.htm

EXCELLENT QUIZ - 50 photos
(are they real or fake - scored 60%)
http://urbanlegends.about.com/library/bl_image_quiz.htm

Research Sites to verify unusual email claims
http://urbanlegends.about.com/
http://www.hoaxbusters.org/
http://www.snopes.com/

Posted: Oct 30 2008, 12:53 PM by Harry Waldron | with 2 comment(s)

Comments

John Franks said:

Great article, because, in the realm of risk, unmanaged possibilities become probabilities:  These data breaches and thefts are due to a lagging business culture.  As CIO, I'm always looking for ways to help my team, business teams, and ad hoc measures of various vendors, contractors and internal team members.  A book that is required reading is "I.T. WARS:  Managing the Business-Technology Weave in the New Millennium."  

We keep a few copies kicking around - it would be a bit much to expect outside agencies to purchase it on our say-so.  But, particularly when entertaining bids for projects and in the face of challenging change, we ask potential solutions partners to review relevant parts of the book, and it ensures that these agencies understand our values and practices.

The author, David Scott, has an interview here that is a great exposure:  businessforum.com/DScott_02.html

The book came to us as a tip from one of our interns who attended a course at University of Wisconsin, where the book is in use. It has helped us to understand that, while various systems of security are important, no system can overcome laxity, ignorance, or deliberate intent to harm.  The real crux of the matter is education and training to the organization as a whole – and a recurring schedule of training – in building a sustained culture and awareness; an efficient prism through which every activity is viewed from a security perspective prior to action.

I like to pass along things that work, in the hope that good ideas continue to make their way to me.  

# October 31, 2008 11:51 AM

Harry Waldron - Corporate and Home Security said:

Both of these quizes are fun to take and some of the results are surprising as there are many unusual

# November 20, 2008 9:09 AM