I received this email on April 25, 1999 from someone who wishes to remain anonymous. I think it is credible information and pass it along for you to evaluate for yourselves...

Those 3 virus warnings on your website are all hoaxes. e.g., It takes Guts to Say Jesus.....Bud Frogs....Join the Crew.

Here is a reply I once sent. Hope it helps (just keep my name and email address off it...I'm too busy for all the baloney like this that I get sent....)

----------------------------------------------

Dear Senders:

The message you sent is a classic virus hoax message, much akin to a chain letter. Unfortunately, well-meaning people passing along urban myths, virus hoaxes, et al, need to be aware of the telltale signs of these hoaxes, and where to find information. Your version sounds all too much like the classic "Good Times" virus hoax with the name changed, and AOL is mentioned. Remember: a text file does not pass viruses. It takes an executable file, or macro kernel of an executable to do the action necessary to cause such damage. Also, look at the false claim to credibility by using IBM and AOL names in the text (with no dates or reference sources), as well as the CAPITALS and exclamation points (!!!!!!!!). Immediate hoax warning bells should sound to you....and tell EVERYONE!!!!!

As a computer auditor, I have seen too many of these. Below are ways to identify and research such hoaxes:

The following sites are good ones for determining what is a virus hoax.
http://ciac.llnl.gov/ciac/bulletins/h-05.shtml
http://ciac.llnl.gov/ciac/notes/Notes09.shtml

These sites mention the "Guts" virus hoax (It takes guts to say Jesus) specifically:
http://www.datafellows.com/v-descs/hjesus.htm
http://www.symantec.com/avcenter/venc/data/jesus-hoax.html

These quote VERBATIM the new Norton Utilities baloney and "Melissa" fake credibility parts and note it is a hoax.....
http://www.av.ibm.com/BreakingNews/HypeAlert/Guts/

Gee whillikers....IBM debunks the claim from the text!
http://stiller.com/guts.htm or http://www.stiller.com/guts.htm ...both work.
http://www.kumite.com/myths/
http://www.umich.edu/~wwwitd/virus-busters/hoaxes/guts.html
http://antivirus.miningco.com/library/blen0089.htm?rf=dp&COB=home&TMog=104460490585430m&Mint=23450431411335

If you take off the file name, and go to the directory level above it on the URLs above, you will see lists of most of the major hoaxes out there, and can read up on them so you will recognize the next one that comes along. Note the advice on how to detect....remember, if it sounds too good (or bad) to be true, it probably isn't true. Then apply the "litmus test" to all such future messages.

More pages can be found if you put "virus hoax" into a search engine, or the multiengine www.dogpile.com (doesn't have Hotbot engine, however), or going to the websites of the antivirus software makers. McAfee has an internal search engine on its site to comb the web, that pulled some good other sites on this. See Symantec's Norton AntiVirus, PCCillin, IBM AntiVirus websites, DataFellows (makers of F-Prot) et al, as well.

By the way, if you are using a work email or government email, please think twice before distributing questionable material or using it for personal use...As an Information Systems Auditor, I know many I.T. departments watch the websites pulled up, and track "massive" email distributions. It can put the employer or government agency at risk for liability, too, based on the employee's actions.

_____________________________________

Here is the CIAC test:

Instead of spreading from one computer to another by itself, a virus hoax relies on people to pass it along.

How to Identify a Hoax======================

There are several methods to identify virus hoaxes, but first consider what makes a successful hoax on the Internet. There are two known factors that make a successful virus hoax, they are: (1) technical sounding language, and (2) credibility by association. If the warning uses the proper technical jargon, most individuals, including technologically savy individuals, tend to believe the warning is real. For example, the Good Times hoax says that "...if the program is not stopped, the computer's processor will be placed in an nth-complexity infinite binary loop which can severely damage the processor...". The first time you read this, it sounds like it might be something real. With a little research, you find that there is no such thing as an nth-complexity infinite binary loop and that processors are designed to run loops for weeks at a time without damage.

When we say credibility by association we are referring to whom sent the warning. If the janitor at a large technological organization sends a warning to someone outside of that organization, people on the outside tend to believe the warning because the company should know about those things. Even though the person sending the warning may not have a clue what he is talking about, the prestige of the company backs the warning, making it appear real. If a manager at the company sends the warning, the message is doubly backed by the company's and the manager's reputations.

Individuals should also be especially alert if the warning urges you to pass it on to your friends. This should raise a red flag that the warning may be a hoax. Another flag to watch for is when the warning indicates that it is a Federal Communication Commission (FCC) warning. According to the FCC, they have not and never will disseminate warnings on viruses. It is not part of their job.

CIAC recommends that you DO NOT circulate virus warnings without first checking with an authoritative source. Authoritative sources are your computer system security administrator or a computer incident advisory team. Real warnings about viruses and other network problems are issued by different response teams (CIAC, CERT, ASSIST, NASIRC, etc.) and are digitally signed by the sending team using PGP. If you download a warning from a teams web site or validate the PGP signature, you can usually be assured that the warning is real. Warnings without the name of the person sending the original notice, or warnings with names, addresses and phone numbers that do not actually exist are probably hoaxes.

What to Do When You Receive a Warning===============================

Upon receiving a warning, you should examine its PGP signature to see that it is from a real response team or antivirus organization. To do so, you will need a copy of the PGP software and the public signature of the team that sent the message. The CIAC signature is available from the CIAC web server at:
http://ciac.llnl.gov/

If there is no PGP signature, see if the warning includes the name of the person submitting the original warning. Contact that person to see if he/she really wrote the warning and if he/she really touched the virus. If he/she is passing on a rumor or if the address of the person does not exist or if there is any questions about theauthenticity or the warning, do not circulate it to others. Instead, send the warning to your computer security manager or incident response team and let them validate it. When in doubt, do not send it out to the world. Your computer security managers and the incident response teams teams have experts who try to stay current on viruses and their warnings. In addition, most anti-virus companies have a web page containing information about most known viruses and hoaxes. You can also call or check the web site of the company that produces the product that is supposed to contain the virus. Checking the PKWARE site for the current releases of PKZip would stop the circulation of the warning about PKZ300 since there is no released version 3 of PKZip. Another useful web site is the "Computer Virus Myths home page" (http://www.kumite.com/myths/) which contains descriptions of several known hoaxes. In most cases, common sense would eliminate Internet hoaxes.

----------------------------------------------------------------------------

For additional information or assistance, please contact CIAC:

 
    Voice:          +1 510-422-8193 (8:00 - 18:00 PST, 16:00 - 2:00 GMT)
 
    Emergency (DOE, DOE Contractors, and NIH ONLY):
                     1-800-759-7243, 8550070 (primary),
                                     8550074 (secondary)
    FAX:            +1 510-423-8002
    STU-III:        +1 510-423-2604
    E-mail:          ciac@llnl.gov
    World Wide Web:  http://ciac.llnl.gov/
    Anonymous FTP:   ciac.llnl.gov (128.115.19.53)
    Modem access:   +1 (510) 423-4753 (28.8K baud)
                    +1 (510) 423-3331 (28.8K baud)