A new email hoax is serving as a reminder to IT managers that they need to educate end users about staying alert to online scams.
Sophos, Inc., an anti-virus software company based in Lynnfield, Mass., is reporting an email chain letter that is tricking people into wasting their own time, cluttering corporate inboxes around the country and hogging up valuable bandwidth.
The Free Flight chain email is convincing people that British Airways is giving away free plane tickets to anywhere in the world to anyone who forwards the email to 10 or more people.
The email claims that it is encouraging more people to fly, following a downturn in the airlines industry because of concerns about the SARS virus and the war in Iraq.
It also contends that the airline is working in conjunction with Microsoft, monitoring the distribution of the message.
”This is preying on what strikes a cord with people, tapping into something real, like the war in Iraq and the SARS virus,” says Chris Belthoff, a senior security analyst with Sophos.
”There’s no malicious content. It won’t cause damage to the system… The downside is that it’s filling up email inboxes. It’s sucking up bandwidth from people sending this around to their friends and family.”
One version of the chain letter contains the phone number of an actual woman named Dolly Francis.
Belthoff says Francis has been inundated with calls and it appears to be ‘a personal joke gone haywire’.
Dan Woolley, a vice president at SilentRunner, a network security company, says it’s an old trick with a new medium.
”With old chain letters, the mail system would be flooded. Now, it’s flooding inboxes,” says Woolley.
”It seems that every generation has its own chain letter scam. But this one exposes the corporate network.
And if people are gullible enough to do this, think about what else they could do that would have a lot more serious impact.”
Woolley says the Free Flight email scam should server as a reminder to IT managers that end users need to be educated about online scams.
He also says it’s a good time to refresh their memories that the corporate network is a business tool and should be treated that way.
”Educated people follow rules and procedures,” says Woolley. ”What are your procedures? If you don’t know, they definitely don’t know. Figure them out and teach them.”
Belthoff agrees, adding that every day common sense used at home should definitely be applied at work.
”The corporate lesson here is that end users need to understand that anything too good to be true needs to be deleted,” warns Belthoff.
‘Do not respond to giveaways and offers, especially ones that encourage you to send email to others. Virtually, all the time it’s a hoax. Be aware of something that wastes time and company resources.’