Should Internet users have to pass an Entrance Exam before going online?

Windows users are ignoring the common-sense rules of e-mail -- that you don't double click on attachments you didn't ask for and that you don't open anything suspicious.

technofile
Al Fasoldt's reviews and commentaries, continuously available online since 1983

T e c h n o f i l e
Should Internet users have to pass an Entrance Exam before going online?

Sept. 28, 2003

By Al Fasoldt
Copyright © 2003, Al Fasoldt
Copyright © 2003, The Post-Standard

   A new virus that masquerades as a fake e-mail from Microsoft is making life miserable for Windows users. My antivirus software has already blocked a few hundred messages from this attacker, called the Swen Virus, and no doubt there are hundreds more heading for my PC.
   E-mailed viruses are passed along by Windows users who don't know better. I'm getting tired of this, and I'm sure many of you feel the same way. If I were king for a day, I'd require everyone to pass an Internet Entrance Exam before they could get online.
   But since I'm just a journalist with no princely ambitions, I'll do the next best thing. I'm presenting a voluntary test. Take it and see how you score. Pass it along to that pesky sister-in-law who forwards all that useless e-mail, too.
   Scenario One. You're sitting at your computer. The mail comes in. You see a message that has your mom's return address on it. It has an attachment with a strange name. You can see part of the actual message in your e-mail software's View pane. It says "Please to play new game."
   Question One: True or false -- You double click on the attachment to try out your mom's new game.
   Scenario Two: You're sitting at your computer. The mail comes in. You see a message that has your best friend's return address on it. It has an attachment that seems to be a screensaver. Your best friend has never sent you a screensaver. (In fact, your best friend has never really sent you any kind of attachment, as far as you can recall.) You see from the View pane that the message doesn't say that it's to anyone in particular. It simply says "Here's that cool screensaver I told you about in class last night." This is a little puzzling, since you and your best friend haven't been in a classroom together in 16 years.
   Question Two: True or false -- You're ecstatic that your best friend thought of you and sent a cool screensaver, so you double click on the attachment in the letter.
   Scenario Three: You're sitting at your computer. The mail comes in. You see a message that is from Microsoft Customer Support. This reminds you of something someone told you recently about a virus that pretends it's from Microsoft. But this one looks genuine. Really genuine, in fact. You see from the subject line that the message contains a fix for a Windows problem. How nice of Microsoft to do this, you think.
   Question Three: True or false -- You double click on the attachment because you sure do want to fix that Windows problem.
   End of test. Let's see how you did.
   Scenario One (the one where "mom" says she has sent you a game): "Please to play new game?" What kind of English is that? Is that something someone's mom would actually write? Apart from the fact that neither your mother nor mine is a game programmer, what about common sense? Has any Windows user's mom ever sent a legitimate e-mail with such a stupid statement?
   The e-mail contains a virus, not a game. And it seems to come from your mother because the virus uses stolen e-mail identities to fake the sender's address.
   Most of us probably can agree that the phrase "Please to play new game" is just plain silly. Who could possibly fall for it? Yet it's the real message in one of the most devastating viruses in Windows history. To open such an e-mail and run the attachment, a Windows user would have to be extraordinarily gullible or asleep. (Don't laugh. How could any adult fall victim to that message?)
   The correct answer, of course, is "False." You do not double click on the attachment. Instead, you delete the message.
   Scenario Two (the "best friend" situation): This best friend has never sent you anything, but suddenly decides to share a cool screensaver with you. Yeah, right. Furthermore, this "friend" has severe memory loss and doesn't realize she is 33 years old and a long ways out of high school. What a friend, right?
   Seems crazy, doesn't it. Yet it's the way a couple of real viruses work, and thousands of Windows users fall for it every day.
   The correct answer: False. You do not double click on the attachment. Instead, you delete the message.
   Scenario Three (the support letter from Microsoft): Most Windows users probably don't realize that Microsoft never sends attachments to customers. That's "never" as in "at no time" and "not on your life." Virus writers know how to create fake letters from any company on the planet and they know how to make them look authentic. Fall for this one and someone will try to sell you a bridge.
   The correct answer: False. You do not double click on the attachment. Instead, you delete the message.
   How'd you do? You probably got all of them right. I made it easy.
   But somebody is getting the answers wrong. Somebody, by the hundreds of thousands, by the millions, maybe, is double clicking on attachments that are obviously bogus. Windows users by the boatload are ignoring the common-sense rules of e-mail -- that you don't double click on attachments you didn't ask for, no matter what, and that you don't open anything suspicious.
   They're the ones who should be taking my test. If you know Windows users who fit that description, pass this article on to them. It's never too late to learn.

Windows users are ignoring the common-sense rules of e-mail -- that you don't double click on attachments you didn't ask for and that you don't open anything suspicious.

T e c h n o f i l e Should Internet users have to pass an Entrance Exam before going online?

T e c h n o f i l e
Should Internet users have to pass an Entrance Exam before going online?