Sometimes frightening virus warnings are just hoaxes.

Question: I just got this message via Nortel’s computer services, so it’s probably not a hoax. Spread the word. If you receive an e-mail titled: “WIN A HOLIDAY”, do not open it — it will erase everything on your hard drive. Forward this letter out to as many people as you can. This is a new and very malicious virus and not many people know about it. This information was announced yesterday morning from Microsoft, please share it with everyone that might access the Internet. Also, do not open or preview any mail that says “RETURNED OR UNABLE TO DELIVER” — this virus will attach itself to your computer components and render them useless. Immediately delete any mail items that say this. AOL has said that this is a very dangerous virus and that there is NO remedy for it at this time. –S.M.

Answer: I get these types of letters regularly in my e-mail box. Most people do. Sometimes they refer to a virus called “Good Times” or “Penpal Greetings” or even “Join the Crew (or Club)”.

The truth is that they are hoaxes. They all invoke the name of at least one recognized authority — in this case Nortel, Microsoft and America Online all in one! — and the e-mails all promise that the virus mentioned arrives as an e-mail, and then wipes out your hard drive or performs some similar heinous act.

You’ll also notice that it encourages you to spread the word. This is why they exist, and this is how they replicate and stay “alive” on the Internet for so long. The author of the letter takes advantage of people’s justifiable concern for computer security and their good nature (they’re counting on the fact that you’d want to be sure your buddy knows about this sudden new danger), as well as the Internet’s ability to disseminate information so quickly.

How can you tell the difference between a fake e-mail warning and the real thing? A little bit of knowledge will go a long way. An e-mail is a text file. It arrives on your hard drive via the Internet, and then is displayed to you. Unlike a piece of software or a macro, an e-mail on its own is not executed or interpreted. In order for a computer virus to spread, it needs to get you to execute some code or programming instructions that can wreak the havoc.

Since e-mail is purely a text file, it can’t be executed. Well, wait, there’s an exception, but it’s easy to watch for. If an e-mail has a file attachment such as a game or even a word processing or spreadsheet file, it may contain a virus.

To spread that virus, you have to save the file attachment to your hard drive and then open it or run it. If the attachment is a document from an office suite program such as Microsoft Word, it may contain a relatively innocuous macro virus.

Today’s advanced office packages often have macro capabilities for legitimate purposes, and virus writers like to exploit these. A macro is a little bit of programming language that can be embedded into a document to perform simple tasks, like math calculations or mini-tools that help format.

If you find yourself infected with a virus from an e-mail, it can be removed with most commercial anti-virus programs. I use F-Secure Anti-Virus 2006. Other commercial ones you can check into using are McAfee VirusScan and BitDefender 9 Standard.
If you receive a program as an attachment, you can also scan it with an anti-virus program to clean it before you run or open it.

Getting rid of a hoax e-mail hoax isn’t as easy. You can delete it from your mailbox. But you’ll likely get “reinfected” – the people who perpetuate these things can be very persistent and they know that somewhere some well-meaning person on the Internet will fall for it, and will spread the virus (and likely end up on their mailing list for future attempts).

There’s a good information page about hoax viruses on the F-Secure Web site at http://www.f-secure.com/virus-info/hoax/. They make the anti-virus software F-Prot.

Another virus and virus hoax reference page is the Urban Legends Reference Page, found on Snopes.com.