Issues with malware are always with us. There may or may not be a current media storm, or companies hoping for a slice of the anti-malware pie by proclaiming the death of antivirus in a press release, but AV labs continue to slog their way every day through tens of thousands of potentially malicious samples.

Hoaxes, semi-hoaxes and other chain messages are also always with us. While they may have a very significant impact on messaging services and organizations, they tend not to get a lot of media attention, perhaps because they don't have the same obviously catastrophic effects as malware.

In fact, they may constitute a pretty effective DDoS attack, though that probably isn't what motivates the hoaxer. The hoaxer is bolstering his/her own self-esteem by proving to himself how stupid others are, rather than anticipating any financial gain by extorting money from DDoS-ed organizations. I expanded that thought in some commentary for Infosecurity Magazine: Cruising the Misinformation Superhighway.

And in a new ESET paper - Origin of the Specious: the Evolution of Misinformation - I looked at some old-time hoaxes and some of the ways in which hoaxers have adapted to new, shinier social messaging media. What better way to spread false news than getting thousands of people to "like" it on Facebook?

However, I wonder if I should have kept quiet. Since then, hoax alerts have been coming at me from all directions (social media-wise) and I've been blogging furiously on the topic.

In A Load of Old Pit Bull (Bulldog, Staffie, Bull Terrier…) I looked at fake alerts about leaflet droppers et al attaching coloured stickers to gates and doors where there are dogs, with the intention of stealing them. You really have to read the full story to see how silly this contention is.

And in Identifying hoaxes, I summarize some points on Adam Pash's post at Lifehacker on How to Identify and Avoid Spreading Misinformation, Myths, and Urban Legends on the Internet, which includes the older example of a retweeted quotation incorrectly attributed to Martin Luther King Jr.  Unsurprisingly, he recommends Snopes, BreakTheChain.org and TruthOrFiction.com and points to a longer list of resources by Tim Malone.

Adam also draws attention to the use of Google’s date range filter, Dustin Luck’s Debunkadunk custom search engine - which throws your search terms at a range of specialized web sites like Snopes - and to the difficulty of confirming a scam when the scammer floods the Internet with fake recommendations. However, similar issues arise with messages that are classified as (semi-) hoaxes rather than as scams, and I give an example of that in my article.

David Harley CITP FBCS CISSP
ESET Senior Research Fellow