Who creates email hoaxes and why?

Filed Under: Malware, Social networks, Spam

Message in a bottle

The resurgence of the Marks & Spencer voucher hoax that I wrote about earlier this week got me thinking. Who is behind all these hoaxes and chain letters, and why were they created?

"They don't know better"
There is no doubt that some email hoaxes are created entirely innocently. Take, for example, the JDBGMGR hoax that was being sent around the internet widely a few years ago.

The hoax warned that people should be on the alert for a file called JDBGMGR.EXE (which had a terrifying icon of a teddybear), as it could mean that their computer would be struck by a malicious payload within 14 days.

Even though JDBGMGR.EXE was a legitimate program produced by Microsoft (although heaven only knows why they chose a teddybear for its icon..), some people swore blind that their version of it was infected by a virus. And indeed some people did have some instances of the file infected by the W32/Magistr-A virus.

But that didn't mean that warning about a particular filename was a sensible way to warn about a threat, especially when many clean, uninfected PCs had a perfectly legitimate copy of Microsoft's Debugger Registrar for Java on their hard drives.

So, in all likelihood the JDBGMGR hoax was started by someone who simply didn't understand how to warn about something sensibly, and instead issued an alert based upon the wrong information. It would be a bit like warning about a mugger by saying to be suspicious of anyone who wears Nike trainers.

"Stupid stunt"
Not all hoaxes come out of ignorance however. Some hoaxes have even born out of marketing departments. Take the example of the Irina hoax. Irina was a publicity stunt that went out of control. Journalists received a snail-mail letter, apparently coming from Professor Edward Prideaux of the Eastern Slavonic School of Studies warning about a new "undetectable" computer virus.

However, in truth the Professor and his school only existed in the imagination of Penguin Books, who were publicising a new novel. Nevertheless some journalists fell for it, and warned their readers of the threat - meaning that anti-virus companies were busy for years debunking something that should never have occurred in the first place.

"Message in a bottle"
Perhaps the hoaxes started for the most romantic reasons - although they are miserable for the rest of us - are the daft, crazy hoaxes. Things like Good Times, which had more comebacks than Frank Sinatra, which claimed ridiculous things would happen to your computer if you received an email with a particular subject line.

These hoaxes appear to evolve out of the fevered imaginations of people who want to see how far the hoax will spread. Maybe they are encouraged by the idea of whether a hoax released in one place, will ever make it back to them - like a message in a bottle.

"A malicious agenda"
And finally there are the malicious hoaxers. That's the category I would put the Marks & Spencer voucher hoax into. By asking people to cc an email address at a building firm they surely knew that they would be bombarding that individual with email if the hoax took off. Other hoaxes have made inflammatory claims that lipstick causes cancer, or that particular companies should be boycotted - perhaps because of lack of accurate information, or perhaps for malicious reasons.

Whatever the motivation for email hoaxes, they seem to be talked about less today than they used to. They're still out there - but perhaps they normally have less impact as people are so bombarded by spam in their inbox that they hardly notice a few more messages.

That doesn't make hoaxes any less of a nuisance of course, and we have seen evidence of them spreading via new Web 2.0-style online social networks too. All we can hope is that in the future more people will try and check out the facts before pressing the "forward" button.

Sadly, many people are all too willing to believe something they receive in their email that they would never believe if a stranger told them on the bus.

* Image source: aturkus's Flickr photostream (Creative Commons 2.0)

You might like

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.