Too many users fall for cyber security urban myths

October 27 2004

Too many users fall for cyber security urban myths

Commonly held misconceptions highlight problems

Some computer users astonishingly believe that answering their mobile phones will leave them open to computer viruses. And such fundamental misunderstandings over IT security issues are rife among staff in businesses across the globe, according to a new study.

The 'Top Ten Cyber Security Urban Legends' released by Secure Computing Corporation warns that, while such improbable stories circulating on the internet are amusing, they highlight serious problems related to misperceptions among end users about cyber security.

Secure Computing Corporation compiled its list based on support calls, customer requests, and monitoring of internet discussion groups. It found that, while most of these legends are harmless, some can cause real harm if taken seriously.

The Top 10 cyber security urban legends:

Creating a fake entry called 'AAAAA' or '000000' in your e-mail address book will block Trojans from replicating.
Not only is this untrue but it can give users a false sense of security, exposing them to real Trojans.

A digital mobile phone can be infected with a virus merely by answering a phone call; the call receiver must not answer the call or disaster will strike.
Despite this story warning that the virus identifies itself as 'ACE' or 'Unavailable', there is no evidence that any virus can be spread in this way.

Hackers can legally break into websites that lack 'warning' notices.
Breaking into websites is a crime, whether there is a warning notice posted or not.

Some Windows system files are malicious and should be deleted.
In fact, deleting legitimate Windows system files like JDBGMGR.EXE and SULFNBK.EXE can harm a PC.

Hotel card keys secretly record personal information, which could be maliciously taken advantage of without the person knowing.
Information encoded on these cards is limited to room number, check-out time and other non-identifying data.

Search engine 'crawlers' perform security checks and notify users of vulnerabilities.
No known search engine employs this practice.

Thieves use lists of 'out of office' auto-replies to target homes for burglary.
There are no known cases of burglars actually using this technique.

Free patches emailed to you will protect your PC from the latest worm or viruses.
Free patches received as unsolicited email are more likely to contain Trojans.

Signing up with a 'Do Not Spam' registry will stop users from getting spam.
Unlike the US 'Do Not Call' registry there is no official registry for spam.

Popular downloads Elf Bowling and Blue Mountain Greeting Cards contain viruses.
A widely held, but mistaken, belief.