Mail Archive sponsored by Chazzanut Online

jewish-music

<-- Chronological -->
Find 
<-- Thread -->

RE: Cure for E virus

I tried sending mail to the wormalert (at) somewhere(dot)com address...

This is a hoax and it is of little use. For answers, please see
attachment.

-- Jeff 


-----Original Message-----
From: owner-jewish-music (at) shamash(dot)org
[mailto:owner-jewish-music (at) shamash(dot)org] On Behalf Of Klezcorner (at) 
aol(dot)com
Sent: Friday, May 31, 2002 3:19 PM
To: World music from a Jewish slant
Subject: Cure for E virus

This was sent to me by a friend

If this really works, then it will solve the Klez Virus problem
Simon
Hatikvah Music

Subject: HOW TO PROTECT YOUR ADDRESS BOOK!

I learned a computer trick today that's really
ingenious in it simplicity. As you may know, when/if a
worm virus gets into your computer it heads straight
for your email address book, and sends itself to
everyone in there, thus infecting all your friends and
associates. This trick won't keep the virus from
getting into your computer, but it will stop it from
using your address book to spread further, and it will
alert you to the fact, that the worm has gotten into
your system.

Here's what you do: first, open your address book and
click on "new contact" just as you would do if you
were adding a new friend to your list of email
addresses. In the window where you would type your
friend's first name, type in AAAAAAA. In the window
below where it prompts you to enter the new email
address, type in WormAlert (at) somewhere(dot)com . Then
complete everything by clicking add, enter, ok, etc.

Now, here's what you've done and why it works: The
"name" AAAAAAA will be placed at the top of your
address book as entry #1. This will be where the worm
will start in an effort to send itself to all your
friends. But when it tries to send itself to AAAAAAA,
it will be undeliverable because of the phony email
address you entered (WormAlert (at) somewhere(dot)com). If the
first attempt fails (which it will because of the
phony address), the worm goes no further and your
friends will not be infected.

Here's the second great advantage of this method: If
an email cannot be delivered, you will be notified of
this in your InBox almost immediately. Hence, if you
ever get an email spelling you that an email addressed
to WormAlert (at) somewhere(dot)com could not be delivered, you
know right away that you have the worm virus in your
system. You can then take steps to get rid of it!
Pretty slick huh?

If everybody you know does this then you needn't ever
worry about opening mail from friends. 

          Pass this on to all your friends.



From: Kee Hinckley [wormalert-admin (at) somewhere(dot)com]
Sent: Tuesday, June 04, 2002 1:05 PM
To: Jeff Kirschenbaum; WormAlert (at) somewhere(dot)com
Subject: Re: 

In reply to a message from "Jeff Kirschenbaum" <jmkirsch (at) 
bellatlantic(dot)net>. More than 5000 auto-replies so far.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

You are receiving this message because you either sent mail to the address 
wormalert (at) somewhere(dot)com (or some variation on it), or someone sent 
mail to you and a copy to wormalert (at) somewhere(dot)com(dot)  We are trying 
to stop this hoax, and this is the best way we can think of to do that.  This 
is an automatic reply message, however we will read any replies to this message.

There is a message traveling around advising people that they should add an 
entry called "wormalert (at) somewhere(dot)com" to their address book and give 
it the name "AAAAAA".  This (so the rumour goes) will allow them to detect when 
they get a virus, because the virus will send mail to that address first, 
they'll get the bounce, and then they'll know that they have a virus and can 
stop it. The message sometimes even claims the bogus address will somehow 
"stop" the virus from spreading.

This is a hoax, it does not work.  In fact, the wormalert address receives 70 
to 80 viruses every day--all from people who put it in their address book 
because they thought it would protect them.

1. If a virus has infected your computer, it's too late.  Even if you did see 
the bounce, the virus has already had time to send to everyone in your address 
book and fully infect your computer.  Time to restore from backups.  (You do 
run backups don't you?)

2. Most viruses don't scan your address book in alphabetical order.

3. A false address is not going to keep a virus from sending messages to every 
other address. Even if the virus didn't ignore errors, the bounces occur as 
returned mail, not something that happens immediately.

4. Most viruses forge the from address (the Klez virus sets it to the address 
of someone else in your address book).  That means that even if the virus did 
send to the fake address, it wouldn't bounce to you, it would bounce (with a 
copy of the virus) to someone else.  So all you are doing is *helping* the 
virus!  

What you are seeing is the creation of a computer superstition.  It's right up 
there with using garlic cloves to ward off the plague.  And like most 
superstitions, it's making people ignore the *real* way to combat the problem. 
False beliefs can be dangerous.

There is absolutely no substitute for anti-virus software.  If you run Windows, 
run anti-virus software.  And you *absolutely* must update the virus 
definitions every week.  Not once a year, not once a month.  Once a week.  If 
you're paranoid (I am), update it once a night.  If you are not willing to do 
that, I strongly suggest you go buy a Mac.  I get 2000 attachments every year, 
and around 70,000 email messages.  In 13 years of using a Mac I've been 
infected by *one* virus, ten years ago.  In 20 years of using Unix computers 
I've had none.  The only recent viruses I've received that *could* have 
infected my computers were Microsoft Word viruses--and those got caught by the 
anti-virus software.  That's not to say I don't run Windows either--but I don't 
read mail on Windows machines, and I don't put them directly on the internet, 
it's just not worth the hassle.  So, either use a platform that virus writers 
don't target, or run anti-virus software and keep all of your software 
up-to-date.

If you really want to help your friends and protect them from viruses, cut and 
paste the following virus cure and send *it* to everyone in your address book.

******
                    How to Protect Yourself from Viruses

1. Run anti-virus software and update the virus descriptions weekly. 2. Check 
weekly or monthly for security updates to your OS, email, browser, and office 
applications.  (Microsoft, Apple and the Linux vendors all provide automatic 
mechanisms to do this--use them). 3. Backup your computer. 4. Relax, you've 
done everything you can--time to forward some more jokes. :-)
******

For more information about who we are (so you can see if *this* message is 
telling the truth) see http://consulting.somewhere.com/.  I run Somewhere.Com, 
an internet development consulting company (web development, programming, 
security and the like).  You can also search for my name on the internet to 
find out who I am.  If you're really curious, Google Groups has postings of 
mine going back to 1983 or so.  You'll note that the hoaxes you recieve in 
email seldom give you a place to go and confirm them, let alone attach a name 
you can easily track down and verify.

P.S. I strongly recommend the following two sites for information about viruses 
and hoaxes. 

http://www.datafellows.com/virus-info/ is run by an anti-virus company, other 
anti-virus companies have similar pages--this just happens to be the one I use. 
You can use this site to search for information about real viruses and virus 
hoaxes.  Always check one of these sites before acting on any virus alert you 
receive.  (Especially the ones that tell you to immediately delete system 
critical files on your disk.)

http://www.snopes.com/ specializes in debunking hoaxes.  If you get mail about 
lost children, exploding glasses of water, donations to cancer funds, free 
money or coupons or animations for forwarding email, sterilization drugs used 
in rapes, Jane Fonda's causing POW deaths..., this is the place to find out 
whether they are hoaxes.  (Yes, those are all hoaxes.)

P.P.S.  A lot of the email we see sent to this address is forwarded, and it has 
all of the original email addresses in it, going back several generations of 
forwarding. You don't know where a message is going to end up in the end (after 
all, you didn't expect us to get this one, did you?). Would you like some 
stranger to have your email addresss?  Eventually many of those addresses may 
end up in some spammer's list.  It would be polite to remove people's email 
addresses from messages before you forward them.  And besides, it makes the 
message easier to read if it doesn't start off with 100 lines of email 
addresses.

** This is an automated reply to a message sent to wormalert (at) 
somewhere(dot)com **
** To communicate with a human, send mail to wormalert-admin (at) 
somewhere(dot)com ** -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (Darwin)
Comment: For info see http://www.gnupg.org

iD8DBQE86lS4Jmw993D6vYIRAkIqAKCMuncYrxlg66jsr+goEf5PfcQwAgCg8j7K
snbc2wGJcFB/fmf/RtxdFkI=
=pryQ
-----END PGP SIGNATURE-----

<-- Chronological --> <-- Thread -->