Mass-mailing email worms don't have to have a malicious payload to cause trouble. Just the threat of their spread can result in a knee-jerk reaction of shutting down mail-servers until signature updates can be obtained. Wonder why no one shuts down the mail server when a hoax gets going? From a prevalency standpoint, it seems hoaxes win hands down. The only difference is, the email worm sends itself automatically while the email hoax relies on the user to forward to everyone they know... and there seems to be no shortage of users willing to oblige that request.

An interesting phenomenon, the virus hoax email enjoys a much greater audience than legitimate virus warnings. The same warnings, some with minor variations, have paraded from mail client to mail client for several years. It seems there's always a fresh user base to act as facilitator, naively forwarding it on to everyone they know. When told the email was a hoax, the user invariably replies, "I thought it might be, but I sent it just in case it was true." Little do they know, this just in case reaction can cause more than an annoyance. Ask the police in Mounds View, Minnesota who fielded so many inquires spawned from an email chain letter they had to route all incoming callers through a taped recording, delaying the receipt of potentially urgent calls about legitimate investigations.

However, only the most hardened of us would fail to forgive the much forwarded little girl lost email-fueled urban legends. But why do so many of us fall victim to the less emotional claims of being paid to read email, or those dire warnings of viral disasters that contain no valid sources and near illiterate descriptions? Indeed, far more persons seem concerned with the fictitious virus warning than those few legitimate ones. Case in point, the legitimate virus warnings have a life cycle of about 3 days, after which they die and never reappear. A hoax, however, is forever.

Rob Rosenberger, virus hoax expert and bombastic creator of drivel, contends hoaxes have power in part because they are received from someone you know and trust: your daughter, your dentist, your boss. Part of the problem, he speculates, is "it's too easy for "shallow thinkers" to forward an email to everyone." Rob went on to express doubts that "those who forward a virus alert could tell you what they sent, 30 seconds after they sent it." Humorously, Rob compares email hoaxes as the modern day version of rubber-necking, "If a hundred cars in front of you slowed to a crawl to gawk at an accident scene, chances are you'll also gawk at it, too. If 200 people received an urgent chain letter in addition to you, then I think it persuades users to forward it."

UrbanLegends guide David Emery believes the success of email hoaxes lies in the fact that the "hoaxes go for our emotions. Whether the hook is fear, greed or compassion, they hit us on a gut level, and that's the whole point of telling stories, spreading rumors and inventing hoaxes in the first place." Like Rosenberger, David believes hoaxes maintain stamina by feeding on a fresh victim pool - the new computer user. "It's important to realize that the Internet population is still growing by leaps and bounds. Thousands of new and naive users sign on for the very first time every day, which in effect means there's a never-ending pool of suckers to bite on every old hoax. You can think of it as a rite of passage. We're all green and gullible in the beginning, but eventually we learn not to trust everything we read in our email. Unfortunately, there's always a new batch of newbies around the bend."

Spanish conquistador, Hernán Cortés (1485-1547), once noted "Under special circumstances, action should be quicker than thought." Email warnings certainly don't qualify as special circumstances so the next time you receive a dire warning about a virus that's going to destroy your drive, sponges that kill, email taxation, or any other email that just doesn't quite add up - don't act. Take the high road and ignore it. Just assume that you've graduated from the newbie stage. Trust me, it will get forwarded plenty without your help and you can feel all the more smug for not having been a patsy. If it helps, remember that a legitimate threat will be covered by the media, security vendors, and other expert sources. Not your daughter, your dentist, your boss.