While e-mail-borne virus activity is showing signs of stagnating, e-mail hoaxes appear to be as menacing as ever and companies can expect a large jump in hoax activity next week.
E-mail filtering company SurfControl is expecting a large jump in hoaxes to coincide with the anniversary of the September 11 terrorist attacks.
According to Charles Heunemann, managing director SurfControl, the biggest problem with last year's September 11 hoaxes was their unique ability to distract people from daily tasks.
Heunemann expects the new crop of hoaxes to resemble the Nostradamus-hoax in concept. The hoax e-mail contained stanzas of text bearing strong resonance with the disaster purported to be extracts from Nostradamus' ominous tome.
"The problem with that particular kind of hoax is that it'll actually get people unsettled and frightened...it will certainly have an impact on the workplace," said Heunemann.
While mayhem caused by hoax e-mails remains strong some virus-monitoring centres have recorded a slow-down in activity attributed to new viruses.
Trend Micro Australia is reporting a "relative lull" in new virus propagation throughout much of 2002.
Similarly Panda Software has reported that "August has been comparatively calm in terms of new virus outbreaks".
According to SurfControl managing director Charles Heunemann, the recent trend may be cause for Microsoft to celebrate. He said the recent decline in new computer viruses being reported is probably due to Microsoft's recent efforts to reduce vulnerabilities in their products.
"This will have at least cut down on virus production by script kiddies," said Heunemann.
Sophos is less keen to create a perception that new virus activity has slowed. Their virus statistics for August show an increase in new viruses this month over last month, and its year-on-year comparison indicates that incidence of new virus activity is relatively stable.
Regardless Paul Ducklin, head of global support Sophos Anti-Virus, said that top ten reporting tools used by many virus-monitoring agencies are unreliable indicators of new virus activity. He said that a month in which there are relatively few new viruses entering a top ten list may simply indicate that a class of older viruses, or a particularly prevalent virus, has been controlled.
"In any case, there are still hundreds of new viruses each month, said Duclkin. "I suspect that the range of truly new virus ideas coming into circulation from the counterculture is as big as it ever has been."
However hoaxes are still causing as much confusion as real viruses and can be just as destructive, according to Sophos.
"Though many [hoaxes] have been debunked, many, many times they're still circulating and people are still forwarding them to each other, presumably because they still believe them," said Ducklin.
The case of JDBGMGR hoax is instructive. The hoax which first appeared in May is still number one on Sophos's top ten hoaxes list. Purporting to provide virus advice, the hoax designer warned users to delete a legitimate Windows file called JDBGMGR.EXE.
While viruses can be intercepted by technological means, Ducklin said that a virus alleged to be inside a hoax would simply never be found. At the same time, Ducklin said that when individuals follow instructions contained in hoaxes they can act as a "manual version of a virus".
If anyone is stupid enough to follow the instructions to remove a previously unheard of virus sent to them via email, from a friend of a friend of a friend, then they deserve everything they get.
Especially when they do it before going off to any virii/tech website to confirm its validity.