SUBSCRIBE
54
0
Emerging Tech

E-mail virus hoax makes users do the dirty work

George A. Chidi Jr

In the latest perverse trickery pulled off by someone taking pleasure in computer users’ pain, a fake virus warning is circulating by e-mail asking people to delete an innocuous and uninfected executable Microsoft Corp. Windows file and then to pass the warning on to others.

The warning tells users to delete the sulfnbk.exe file, a utility used to restore long file names. The file isn’t usually infected, and running a virus check on it will prove fruitless … which just adds to the hoax’s credibility. The message warns people that it’s a virus undetectable by anti-virus software. Diligent users who search for the file and find it may presume the warning was accurate and delete it.

Standard anti-virus screens will not detect the warning e-mail itself, because it too is not a virus. But if users comply with the message, by deleting the file and forwarding the e-mail to others, the effect is similar.

The message begins, “FOLLOW THE INSTRUCTIONS, I HAD IT!!!!!…,” according to Avert Labs, the anti-virus response division of anti-virus firm McAfee, which itself is a division of Network Associates Inc. “I received this message from a friend and today it is true. I searched for the file following the next instruction and I found it, I had it without knowing,” the warning continues, providing instructions for finding and deleting the file.

“We actually received this one two weeks ago, in Portuguese,” said Joe Hartmann, director of North American virus research for Trend Micro Inc., another anti-virus software vendor. “A couple of days ago we received a version in English with some more text, adding a date to it, June 1.”

An earlier, real threat – the Magistr worm – infected the sulfnbk.exe file, adding to user confusion. This e-mail hoax is unrelated to the earlier worm, which can be detected and destroyed by updated anti-virus software.

Instructions for restoring the deleted file may be found at http://vil.mcafee.com/dispVirus.asp?virus_k=99084&/.

Network Associates, in Santa Clara, Calif., can be reached at http://www.nai.com/.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

George A. Chidi Jr
George A. Chidi Jr
Previous article
Software vendor Cognos issues earnings warning
Next article
STMicroelectronics to close Ottawa plant

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...
Read more

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...
Read more

Related Tech News

Tech Jobs

Subscribe to our Newsletter

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

SUBSCRIBE

Tech Companies Hiring Right Now

Popular Stories This Week

ITWC Network

Follow Us

©

2024

IT World Canada. All Rights Reserved.

SUBSCRIBE