Internet Hoaxes

Finding and Fighting Internet E-Mail Hoaxes

Fool me once, shame on you.
Fool me twice, shame on me. [ref]
A fool and his money are soon parted
or their computer soon invaded.

This article started in 2001 when another Internet hoax just found its way into my E-mail basket from a person I know. I've updated it from time to time since them. As a twenty-four year resident of the Internet I have seen quite a few hoaxes, fables, odd tales, and outright lies, come through my various mails. While some were true it was so long ago the message have become "once upon a time" material on long dead events. Other have always been pure Fairy Tales. In the past I would occasionally be pulled toward the best some of them, but even then I usually checked first. Now I always check first.

While the Internet makes it very easy to mass distribute a Hoax, it also makes it very quick and easy to check them out.

Defend Yourself From Bad and Write The Good

My Goals

My goal is to show you hot to spot likely trouble, defend yourself from more crafty trouble, and write E-mail for help and assistance that does not look like spam.

Additional details on Internet Hoaxes may be found at a wonderful article at which goes into more details on this, and other, subjects.

Let me show you how easy it is to check on E-mail you have received. Whenever you receive mail you find is on the wrong side of good please send a reply back to your "friend" sending you the message. Pass back to them the fact the story is not true, a reference to how you know that (a web address should be suffcient), and perhaps more on how they to can join the fellowship of self-defense. Feel free to include the ENTIRE contents of this letter or point them to the URL of this letter so they can always get the latest.

Happy Discarding

Any E-mail in my inbox that looks like spam is often treated as spam. Like many other I know, this is to the point of deleting genuine E-mail without bothering to look at it. With a little training you too can start throwing SPAM away with gleeful abandon.

If you don't want people to trash good E-mail write something in the subject line that shows you really know them. Make your subject lines specific, focused, and personal. Mention a specific link between the two of you that generic spammers will not know. "Minutes of Jan 14 Xyz Board meeting" rather than "Minutes".

How can I be so callous you ask? It's simple, really. My name has been on the Internet for a very long time. In some technical areas it even enjoyed some popularity. Many web sites have my E-mail address in ways that Email address harvisting programs find. Some by searching the web like a bad Google or Bing to find E-mail addresses. Others harvest using malware invading computers to swipe all of the E-mail addresses from victim accounts. Just search for my name and you will see why I get a huge amount of bad E-mail. And this is bad E-mail that gets past the filters.

Recognizing Possible Hoaxes

The Hot Points

Any incoming E-mail that has one or more "hot points" in it trigger my brain's rumor guard. Such E-mail should be considered rumor until proven factual. Mail with two or more points is very likely to be "rubbish mail":

More often than these are tall tails rather than honest stories.

A random sampling of subjects from my current spambox follow:

   ACH Notification : ACH Process End of Day Report
   Carolyn Christopher wants to be friends with you on Facebook.
   Charity Donation
   Congratulation on your Facebook National Lottery
   Dear Unpaid Beneficiary
   Dear Friend
   FW: IMPORTANT - Suspicious Activity 1W53KA5O7664OHL
   Good Day Dear Sir/Madam
   I can't believe you helped me save over $300 on this Rolex Sport Model
   International Monetary Funds Agents
   Los AnGeLes Federal CredIt UniOn
   Resolution of case #PP-029-962-617-329
   Re:Good Day Your Urgent Advice Is Needed In Investing In Your Country 
   Re: YOUR ATM VISA CARD worth $1.2Million Us Dollars
   Sorry I had to write this late
   TAX REFUND ID: AU381716209-ATO
   The Owner of this E-mail id
   This Company looks darn cheap
   Top Weight Loss Product
   You can't get any bullish than this!
   Your ( ATM MASTER CARD) It's Urgent
   Your First Transfer is Ready

The last was "from" William Cole... in the thousands of valid E-mails I have received I don't remember any honest sender puting their name in the subject line. In thousands of bad E-mails, yes, but I just don't remember it in good E-mail. Don't do this in your E-mail without some reason.

Fast Or Big Money

This is so common it gets it's own section. If these were true I'd be getting millionons of dollars every day.

Please beware that:

Tracking Down Hoaxes

Opening Defense

Take some fragments that should be distinct to the message and search for them on Google, Bing, Yahoo!, or any major search engine:

  1. Copy/paste the fragments into the search field.
  2. Delete any punctuation, especially quotes.
  3. Put double quotes around each fragment:
    "Klingerman Virus" "blue envelopes"
The search result should give you some good hints. Likely including people being suckered into the thing. Try different fragments if you you don't get good results the first try.

Second Defense: Domain Research

Look at the site owners

Is the site genuine? A great test is to go to Google and just type in the last two parts of the domain name ( rather than Stick a "whois" in front of the domain and you are good to go.

whois ""

The first listing, that is not an advertisement, should be where you can go to get information on the domain name, it's owner, age, etc. Burried among the technical details are actual postal addresses and country codes. Don't trust new sites with much unless given reason to do so. If the site is in places like China, India, old Soviet block countries, or other places with high incidences of fraud, really be wary. There are some very good sites there but also dishonest ones.

Look at the different "top level" domain addresses associated with E-mail addresses, name servers, and anything else that shows up on the page. these are the last part of the names.... ".com", ".us", etc. If they are two letter codes they represent a specific country. If the owner is in one country, the web site in another, and the "name servers" yet another country, with postal addresses being strange as well, that is a very big red flag as evil people love to spread themselves over many legal jurisdictions to make prossicution more difficult, if not impossible. An alarm with fireworks. Search for "ISO Country Codes" to look up what the two-letter codes meen (Wikipedia).

Look At The Site History

Try a suspect site in several web search engines (search for just the two right-most components., not, and put it in quotes: ""). Try at least both Google and Bing.

If lots of problems are apparent, consider refraining from using the site.

Even if the site is run by genuine, legitimate, business people, if the site security is poor and is hijacked to the point of many compliants, then maybe you should not deal with it at all. If the site cleans itself up the problem reports will move further down the search response.

The Internet Archive's WaybackMachine at

Third Defense: Internet Hoax Search Engines

Despite the urgency in the subject, most of these fables are not new. Some have been around since before there was an Internet; I remember my mother getting some of these on mimographs.

Thankfully the dedication of a few makes it easy to take incoming E-mail out for reality checks using the various sites that track, collect, and catalogue Internet hoaxes. I keep a list of such sites in my home pages at (note it is dot home dot html) under Rumor Control Sites. My current favorites are:

  • Urban Legends Reference Pages
  • Both of these have hoax search engines. To use these search engines, search the suspect article for words that should be fairly unique to it and enter them into the search engine. Don't worry about making a sentence... you are doing an article search, not writing a letter to your aunt. In this case the key words were, The opening words of the hoax I received follows this message. Searching for "Klingerman Virus" was all that was required for positive test results. A link therein quickly took me to the official CDC disclaimer on this particular Internet fiction.

    Even better... hoax search sites often say if the thing as real, providing enough information for you to decide if you want to keep playing the game or not.

    For Urban Legens searches, Use google in the normal way with an extra word of, exactly, without other spaces or punctuation,
    (good on 2006-Jan... changes from time to time).

    Fourth Defense: Advanced Hoax Testing

    Naturally not all hoaxes are listed in the hoax search engines. If I can't get a positive match on any of them, I next go to the big search engines to search for keywords in the message. In general Google's advanced search at provides a way to do this without strange use of quotes, "AND", "NOT", and other technical incantations.

    Authors of these fictitious tails sometimes taint the names, addresses, and titles of real people at real institutions. If the name of a real institution is used, try and track it down on the official web pages. Next best is checking if the person has a home page that makes the statement, though that can not be considered official in most cases.

    If there is a contact E-mail, but no web page to verify on, send the person an E-mail asking them if the informaion is still true. Include a suggestion for a web-page verifcation. Pointing them to this article may also help them. If the E-mail message bounces higher than the building you are in you know the original E-mail is bogus and may be discarded. (Anyone creating a "send this around" mailing that does not provide a web page verifcation is asking for trouble, so I don't worry about cluttering up their E-mail basket).

    If your web searches turn up the fact that the article you are researching is years old, assume any facts in them are completely dead or expired, if not completely fictitious.

    How To Write Genuine Requests For Help or Information

    Each genuine article should be written to include the following;

    When describing some official policy or statement of an institution, the information should be on the institution's official web server.


    For personal postings consider using a free E-mail account on one of the major providers for short term items. Use a subject specific E-mail address, maybe one with a date in it. Close the account when you are done to let people who ignore your stop date get bounces in their E-mail boxes.

    Your Reward

    You reward for reading down to this point is The Granddaddy Of Internet Rumors at

    Legal Stuff

    Copyright 2001, 2006, 2013 by Gilbert Healton. All rights reserved.
    This article may be freely used in E-mail replies to fight E-mail hoaxes as well as other non-profit publishing, provided the message in its entirety is used without change.

    A Live One

    >>>>>>>>>>>>>>>>>> Original Message <<<<<<<<<<<<<<<<<<
    > > >> >
    > > >> > > This is very scary and is not a joke. Please
    > > read - it definitely is a
    > > >> > > serious threat to our lives and health. This
    > > is an alert about a virus
    > > >> in
    > > >> > >
    > > >> > > the original sense of the that
    > > affects your body.....not
    > > >> > > your
    > > >> > > hard drive. There have been 23 confirmed
    > > cases of people attacked by
    > > >> the
    > > >> > > Klingerman Virus; a virus that arrives in
    > > your real mailbox, not in
    > > >> your
    > > >> > > e-mail in-box.
    > > >> > >
    > > >> > > Someone has been mailing large BLUE
    > > envelopes, seemingly at random, to
    > > >> > > people in the US and Canada. On the front of
    > > the envelope in bold
    > > >> black
    > > >> > > letters is printed "A Gift For You From
    > > >> > > The Klingerman Foundation."



    [home] / [writings]writings
    NetMechanic HTML Code Excellence Award
     Hits since 2013-09-01: [unavailable]  Visits since 2014-11 $Id: InternetHoaxes.hmac,v 1.10 2007/09/19 20:23:23 ghealton Exp ghealton $
    Last formatted 2015-06-21