This page is about how you can find out who is behind a website and how you can verify virus-warnings and seemingly heartgripping stories you receive by email.
If you want to know, how to trace an email back to it's source please visit our "Tracing Email" page.

WHOIS Who?

Journalists should really know better than believe everything that's in print. This was true in the analog age for newspapers and magazines and is equally true for the Internet. The problem seems to be that a lot of journalists tend to believe information, if it looks professional. And whereas it takes a lot of resources to make a professional looking book, newspaper or magazine, it is quite easy to do so on the web.

And thus it happens quite frequently that fake online stories make it to print. The probably best known example of such an occurrence was a report by Reuters, that Pol Pot had landed in Sweden. What the Reuters-journalist had read was a story at a site called TASS.NET; complete with photos, video-footage etc. of Pol Pot getting out of a plane at Arlanda Airport. Believing that "TASS.NET" was the official site of ITAR-TASS, Reuters put the story on the wire. Unfortunately for Reuters, the whole thing was a hoax, or rather a PR-gag by the Webdesign-agency behind TASS.NET.

The Reuters journalist could have saved himself and his agency the embarrassment, if he had looked up, who was behind the site. This is easier than it might sound. Everyone who owns a domain has to register it with a Network Information Center (NIC) for the domain to be reachable. Fortunately, this data is publicly available. All you have to do is go to the relevant NIC and type in the domain-name.

top

For all *.com, *.net this is the INTERNIC. Links to the relevant NIC for all other domain-names can be found at Allwhois. In this case a query at the INTERNIC produced the following result:

At this point you should wonder, why the newsagency ITAR-TASS has a c/o address in Stockholm of all places and might want to check this information against the phonebook. Is there an ITAR-TASS bureau in Stockholm at all. Is there not? Then who are these guys? Equipped with the information you have now, you can actually call them.

There is also a small free programme called "Alexa" that constantly displays this information at the bottom of your screen.

top

Viruses and Hoaxes

Sooner or later you will get an email warning you not to open an email with the Subject "Good Times" "AOL4Free", "Penpal Greetings" because they allegedly contain a virus. This does is simply not true - it's a stupid joke.

Fact is that you cannot get a virus by simply email reading an email. It is simply not possible. Think about it: an email is just plain text. It contains no code. It cannot do anything. It really can't. Nevertheless stories about email-viruses get printed over and over again in newspapers and magazines by editors who mean well and know little. I have even gotten press-releases by fax from well-meaning police-stations warning about Good Times and Co. If you ever get a mail or fax claiming that an email-virus is in the wild, you might want to take a look at the Computer Incident Advisory Capability at the U.S. Department of Energy who have a rather good collection of known hoaxes.

Note, though, that files (i.e. programs, Word-documents, Excel-spreadsheets etc.) which are attached to an email can contain viruses. But even these viruses can not infect your computer by downloading mail or opening mail. The only way for them to infect your computer is if you run the program or open an infected Word document.

So, what about "I love you", "Melissa" and all those other viruses you have heard about? Isn't it true that some viruses have spread via email like wildfire? Yes, it is. But in all those cases the virus was transmitted and spread by a document that was attached to the email. The viruses only activated after the attachment has been launched. Reading the mails themselves was harmless. In case of "I love you" and "Melissa" it is also worth mentioning that this virus only spread via two specific email-programm - Microsoft Outlook and the Exchange. My personal recommendation: Don't use either of these programs. They are the ones who are being attacked most often. If you only want to handle email and don't need the organizer-functions of Outlook, then Pegasus Mail and Eudora are just as good, if not better. The Bottom line is: If you receive a message that warns you about a virus that hides in an attachment and tells you which operating-system and which email-programs are affected, than this may very well be true. But any message telling you that a virus spreads via mail without saying which operating-systems and email-programs are infected is probably a hoax.

If you are still uncertain whether you should publish the warning and you have gone through the homepages of the CIAC and of manufactures of anti-virus software like "Network Associates" or "Symantec", then call these companies. They have very good PR-departments who are glad to help. In fact these guys are extremely happy to be quoted in the press.

Variations of email hoaxes are chainletters with seemingly heartgripping stories about people who are dying and want to start a chainletter as their dying wish or want to receive as many business cards as possible before they die etc.. For the chainletters the same goes as for the email-viruses. Delete them, tell the one who sent them to you that they are a hoax and don't send them on. Again, the Computer Incident Advisory Capability at the U.S. Department of Energy has a rather good collection of these type of chain letters. Another one is Patrick Crispen's excellent "Urban Legend Combat Kit". His rule of thumb: "If an email letter contains more than one full page of email addresses, chances are it's a hoax!"

Also notice that in the U.S. it is a felony to send chain letters if they ask for money or anything of value. (See the US Postal Inspection Service information on chain letters)

up to the top