!0000 Trick

"Here's a little trick you can use to stop the spread of pc viruses" - Not! The misguided email outlines an alleged trick to prevent mass-mailing email worms from sending from your computer. This seemingly easy tip involves adding the bogus contact "!0000" to the Windows Address Book. The premise is that when the virus tries to send itself out to everyone in the address book, the mail client will falter on the bogus address and the attempt to send will fail. Of course, this assumes the virus intends to do a "send all" from the mail client in the first place.

Most of the modern day viruses prefer to randomly select individual addresses or supplement the addresses with those found cached on the system. In fact, most of the new viruses bypass the mail client altogether and use their own SMTP engine to send their viral email. In other words, the tip will only be effective in limited cases. What the tip can do effectively is lead to a false sense of security, and that can sometimes be worse than doing nothing at all.

Even more alarming, the original version of the !0000 tip further self-destructs as it supplements its instructions with the tip to use the email address "!0000@novirus.com" for the !0000 contact. The moment an email address is included with the contact, the entire tip fails under any scenario. The end result would be that a virus, doing a send all, would go out to every address in contacts with the exception of the !0000@novirus.com address which would be undeliverable.

This also assumes that some equally enterprising soul doesn't purchase the domain name, novirus.com, and create an address of !0000@novirus.com. If that were to occur, they would begin receiving any email sent to that address. While this might seem risky (assuming it's a virus doing the sending) think of what happens when a corporate user "forgets" about the !0000 ruse and does a send all of company information to users he "believes" are within the corporation. The lucky bloke at !0000@novirus.com stands to receive alot of private and possibly confidential email from a variety of sources. Considering that digiforum.com already licenses the domain name novirus.com and considering that email sent to the !0000@novirus.com is not returned undeliverable, one can only assume someone is getting use of the mail sent there.

As usually happens with chain letters, many variants of this not-so-savvy tip are now circulating. Some enterprising user even tried to gain credibility for the !0000 tip by claiming it originated from an ex-FBI agent. Robert Hanssen is a former FBI agent. Would you trust him with your sensitive data?