WEBINAR: Live Event Date: September 20, 2017 @ 1:00 p.m. ET / 10:00 a.m. PT
Designing a Proactive Approach to Information Security with Cyber Threat Hunting REGISTER >
The Bill Gates email has a string of variants, some going back several years and a few brand new ones just going out in the wild, according to Sophos, Inc., a security and anti-virus company based in Lynnfield, Mass. One variant of the email chain letter claims that Gates, chairman of Microsoft Corp., is teaming up with British Airways to give away free plane tickets to anyone who forwards the email to 10 or more people. A more recent variant claims that Gates himself will pay $245 for every person you forward it to.
"It's obviously just nonsense," says Chris Belthoff, a senior security analyst with Sophos. "Even though they seem benign, the downside of these hoaxes is that they're a productivity issue, and a network and bandwidth issue. They end up being the bane of most IT managers."
Dan Woolley, a vice president at network security company SilentRunner, says no matter how long hoaxes have been around, people keep falling for them -- and they continue to be an IT problem.
And Woolley adds that they're sending them around to a lot of people.
''You open up your mailbox and think, 'Well, let me send this one to 15 or 20 people.', says Woolley. ''That affects productivity, especially when people start responding to it.''
Stopping these hoaxes from wasting time and network space is a matter of employee education, says Tony Magallanez, a systems engineer at F-Secure Inc., a data security and anti-virus company.
''It's an ongoing process,'' he says. ''Human education is always an ongoing process. People in the workplace are learning that these are hoaxes and they're unreliable.''
But analysts generally agree that it's IT's responsibility to make sure employees are learning these lessons -- about hoaxes, email fraud, identity theft or spam.
''Educate people that any email that encourages forwarding is not legitimate,'' says Sophos' Belthoff. ''It's either a hoax, or a virus or both... The biggest key is user education. IT departments need to take an active role in somehow ensuring that there is education. In the end, it will only make their jobs easier.''