Skylarking

Not true. Just a few weeks ago, if you’re an active Facebook user, you may have read that Facebook was going to start charging $4.99 to use the service starting at the end of June 2010. Here’s a snippet of the message that circulated last month:

There is a website that has over 83,000 members of people protesting the following… WE’RE AGAINST THE 4.99 A MONTH CHARGE FOR FACEBOOK FROM JUNE 30TH 2010 See website here…

[website address removed]

Thankfully, this was just one of many Facebook-related hoaxes that circulate the web. (The bigger the site, the bigger the target, the bigger the audience.) Unfortunately, the bogus message caused real problems for many people who decided to look into the web site and Facebook group it promoted.

Many who visited the web site clicked on certain elements which initiated a hijacking attempt on their computers. Further clicking resulted the downloading of malware, spyware, and “highly objectionable images” to the visiting computer.

Shortly after a counter message began circulating among Facebook users and friends alerting them to the harmful effects of the phony Facebook group and web site. (I received copies of both messages. I ignored the first, and said “Just as I thought” to the second.) The warning messages looked something like this:

WARNING: DO NOT JOIN the group We are against paying $4.99 for Facebook – IT’s A VIRUS AND HACKER! There are extremely graphic images at the website they suggest you visit. FACEBOOK has no plans on charging us. ELIMINATE THIS GROUP from your groups & run your spyware ASAP. REPOST THIS AS YOUR STATUS on your Profile. Thanks

Do you think, or know, you were a victim of this insidious hoax?

The problem with malware and spyware is its hard to detect, and its becoming an ever more common problem. Even more problematic than virus attacks.

Best Buy’s Geek Squad will charge any where from $200—$300 to remove spyware from your computer, but I strongly recommend you purchase Spyware Doctor software from PC Tools. It costs only $39.95 and can be installed on up to 3 computers. I recommend Spyware Doctor over any other antispyware program on the market today, but it’s not available in stores.

Only have one computer? Why not ask a friend or relative if they’d like to split the cost with you? You can have PC Tools mail you a CD copy for $9.95.

Read more Skylarking articles about Internet and email hoaxes circulating the web:

• Postcard from Hallmark Hoax
• UPS/FedEd/DHL Email Hoax with Virus
• Truth About Email Petitions
• CNN Daily Top Ten Email Spam

I received the following question just last night:

I received an email telling me that email petitions and chain letters use tracking software and cookies to collect email addresses from anyone who receives that email message. I was also told that email petitions aren’t acceptable by congress like a signed petition would be. Are both these items true?

Well, the first is false, and the second is true.

Tracking Emails and Tracking Software

The only way an email can be tracked is from one sender to the first recipient. If I send an email message to a friend, it is possible for me to be notified when they open the message. If my friend forwards the message to someone else, there is no way for me to tell that has happened; nor is there any way for me to receive the email address of that second recipient, or any recipient after that. So, no, there are no tracking programs of this sort.

BUT, Remember the concept “Six Degrees of Separation”? Erase email addresses before forwarding a message

The idea of “Six Degrees of Separation” says that everyone is 6 steps away from any other person on the planet. Which in my way of thinking means that we are all six steps or less away from a spammer. The problem here being that when people forward an email message they usually leave any previous email addresses in the message, too, plus most people add new addresses of their own when they forward the message. The best practice here is after you click FORWARD and before you click SEND make sure you erase/delete any email addresses that appear within the email message. That is, just before you click SEND, read through the message and erase any email addresses you find in the message. If you don’t, you never know who in the chain knows or is a spammer.

BCC: Blind Carbon Copy Hiding Email Addresses

When you are sending an email message to multiple recipients, use the BCC or Blind Carbon Copy feature to address your message. That is, use BCC instead of TO. An, if your email software says, “At least one recipient is required in the TO field”, then put your email address in the TO field, and everyone else in the BCC field. The BCC field hides the email addresses from the recipients. When the sender uses the BCC field to address an email message, the recipients of that message will see “undisclosed recipients” in the TO field or elsewhere in the message. If you can’t find the BCC feature in your email software, contact your email service provider and have them tell you how to access it. Or you can contact Skylarking and I will help you find the feature.

Email Petitions Don’t Work

That much is true. A genuine petition requires signatures and street addresses. Anyone can type a list of names and email addresses into a petition, but there is no way for the recipient to prove or disprove that those people participated in or knew about the petition. It is best that each individual person email or contact their representative directly, and not as part of some long list of names in an email message. Additionally, you wouldn’t want to include your street address in such a petition, since you never know if that message might eventually end up in the hands of a spammer or an identity thief. After all, most acts of identity theft are performed by the victims friends, co-workers, and family members.

Post Comments or Questions with the link below. Keep up-to-date with Skylarking: By Email or RSS Newsfeed or on Twitter. You can also send questions with my email form.

An oldie but a goody has been making the rounds again. The old “postcard from a friend” warning hoax. This one has been circulating in one form or another since 2001. Every three or four years it gets reinvented. Once upon a time it was the “Olympic Torch” hoax. Now, it’s the “Postcard from Hallmark” and the “Postcard from a friend” hoax. Here’s what it looks like as of August and November 2008:

Postcard from Hallmark Warning Hoax

There’s a few tipoffs that this message isn’t to be taken seriously. First off, the Subject line (not shown) has the text “FWD”which means my friend forwarded it to me, and didn’t actually write the message. In some cases you have to open attachments to get to the message, which means it’s been forwarded many times.

Another tipoff is that there are no datesmentioned. When did they check Norton? Norton usually issues updates in less than 24 hours to fight these viruses, so it may be a dead issue by the time I get this email. By the way, Norton doesn’t “gear up”. They just issue a fix and that’s it. Same goes for McAfee, AVG, TrendMicro, and Alwil Avast. they all want to be the first to defeat any new virus, so these things are usually non-issues in less than 24 hours.

Tip: If I saw my friend sent this to me more than a day ago, or that he received it more than a day ago, I’d assume the virus was dead by now. Most of these things have a shelf life of 48 hours. If you renew your antivirus subscriptions every year, then your antivirus gets updated automatically any where from 4 to 12 times per day. That’s about every 2 to 4 hours.

Another tipoff this message is a hoaxis the fact that though they mention “I checked with Snopes (URL above), and it is for real!!”, but there is no URL (web address) in the message. If you take the time to check Snopes you find out this email began popping up again in August and November 2008. That’s 6 months ago. The antivirus companies blocked this virus before Thanksgiving.

Here’s another tip. Here’s what a real email notice from Hallmark looks like as of today:

A Genuine Email Notice From Hallmark

Here’s how to recognize a genuine email notice from Hallmark:

1. The “From” includes Hallmark’s “hallmarkonline.com” email address and your friend’s email address. These messages don’t come anonymously. In your Inbox you would see your friend’s email address or name.

2. The genuine Hallmark email shows your email address in the “To” box. It’s not going to show more than one email address.

3. The genuine Hallmark notice shows your friend’s name in the Subject line with their first and last name. The same goes for the inside of the email message where they boldly display your friend’s full name (red circle area). As a matter of fact, I sent this message to myself from the Hallmark web site, and Hallmark wouldn’t even send the message without a First and last name in the mail form.

Another thing to watch out for is attachments. Hallmark doesn’t send attachments.  If I got a message claiming to be from hallmark from an anonymous friend, and I saw an attachment, I’d know it was a fake. Tap the Delete key.

Best Protection

The best protection from these hoaxes is antivirus software. Get a quality antivirus program, and make sure you renew your antivirus subscriptions every year. The best antivirus programs are from McAfee, Symantec/Norton, TrendMicro, and my personal favorite Avast from Alwil Software at www.avast.com. It’s free, and it works. Check out my post about Avast from last month. it tells you how to best install and set it up.

Renew your antivirus subscriptions every year.

Let me reinforce that point: Renew your antivirus subscriptions every year. If you bought a new computer, chances are you only had a 30 day trial version. It doesn’t update any more after 30 days, so you’re only protected from old viruses after that, not the new ones.

Another Tip: “BCC:” and not “To:”

If you can’t help yourself, and you feel you must notify everyone in your address book, find out how to use the “BCC” (Blind Carbon Copy) feature in your email system instead of the “To” box when addressing your email. All email systems have the BCC feature, but they don’t all display it openly. Using “BCC” instead of  “To” will hide all your friend’s email messages from each other.

Have you heard of six degrees of separation? That’s the theory that we are all separated from one another by 6 people. For example, your friend’s friend’s friend’s friend’s friend is Kevin Bacon. Put another way, your friend six places removed maybe a spammer. The copy of the email warning I received had no less than 268 email addresses in it.  If I was a spammer I would be so very very happy right now to have all those real email addresses.

Conclusions

• “Postcard from Hallmark” warning email is a hoax. It’s been going around for almost 10 years in one form or another.
• Get quality antivirus software such as Avast. (Watch out for the bogus antivirus programs out there).
• Renew your antivirus subscriptions every year. They expire, and expired subscriptions don’t protect you from new viruses.
• Antivirus programs update at least 4 to 12 times a day
• Most viruses are blocked in less than 24 to 48 hours.
• Use BCC instead of To when sending out mass emails. Don’t know where it is? Call your Email Service Providers customer service line or check their Help page. (Don’t know where to look? Contact me or post a comment, and I’ll find out for you.  No charge.)
• Got a question about a potential hoax? Ask Skylarking to investigate or check out http://www.skylarknetworks.com/email-hoaxes.htm#Email_Hoaxes:_How_Spot_Them,_How_To_Check_Them

Post Comments or Questions with the link below. Keep up-to-date with Skylarking: By Email or RSS Newsfeed or on Twitter. You can also send questions with my email form. I’m looking forward to hearing from you.