What would you do if you received an e-mail from a friend or associate going on like this:


Be careful
I was notified of a new virus that can not be detected from ant virus software and will be activated on June 1st. It is very probable that it is already settled in your hard drive.
To avoid consequences do the following:
Before shutting down your pc on May 31st run "find files" (Start--> Find --> Archives or folders) for "sulfnbk.*" searching c:/ and all subfolders. It is most likely that you will find it in  C:/windows/command.
Delete it at once, from the recycle bin as well.
Watch your disks and incoming e-mails.


Seven out of 10 users would act according to those instructions, erasing the "dangerous" file and five out of seven would forward the e-mail making sure that their correspondents became aware of the potential danger. The result would be that a significant number of users  would erase a totally harmless, thankfully not vital,  Windows file.  This message first appeared in Brazil and Portugal and it is possible that it started as a simple misunderstanding, since there was a virus infecting this file but all good anti virus software was able to detect it and disinfect the file.

Ti is however a fact, proven also by other similar cases, that hackers and internet pirates have discovered a new means of attacking computers. This form of "virus" attack is very sophisticated, from a psychological point of view. It is mainly aimed at simple users since most big companies with well organized computer departments and even single users with advanced software knowledge, would not fall for this kind of a warning since they can identify useful files.

Through this approach the attacker:

1. discredits anti virus software

2. override the electronic defenses

3. makes the user a victim and a carrier (like in biological warfare)

4. can not be traced back since in this kind of escalation it is very difficult to locate the "index case"

5. initiates a chain reaction based on the valid assumption that users will try to inform as many others as possible


How can attacks like this be faced

You could be able to recognize a similar attack by the following characteristics:

  • word of inability of anti virus or other electronic protection programs to deal with the danger
  • a sense of urgency like a timeline
  • analytic instructions on how to face the problem

If you receive a message like this we would advise you to do the following:

1. contact you hardware or/and software merchant

2. visit the site an anti virus software producing firm (they usually are well informed on this kind of hoaxes)

3. run a search with your favorite search engine with the disputed archive's name as keyword

4. contact the person who sent you the mail to get feedback on his actions and results. 99 times out of 100 the sender will be someone you know and nothing more than a potential victim like yourselves.

After completing this line of action you will have found one answer or another (98 times out of 100) and you 'll know what to do. If however you still have doubts (you are in the remaining 2%), you 'd better do a complete backup of your archives and ...   "follow your heart".