Home : Essays and Editorial : Principled Politics : FCC Banning Gospel On The Airwaves? Scam.
FCC Banning Gospel On The Airwaves? Scam. PDF Print E-mail
View Comments
User Rating: / 0
PoorBest 
Principled Politics
Written by Eric Vought   
Friday, 11 December 2009 03:24

I was recently sent an email claiming that a group of atheists was petitioning the FCC to have readings of the Gospel banned from all the airwaves. It turns out that this is a scam and an old one. I have some information here and I also take some time to spell out why these scams are not just irritating but may actually be dangerous to you and the people you forward them to.

[Version 1.1 - Release]

The Email

The email in question read as follows and was forwarded to over 70 people with their addresses in the To: line.

> Removal Of Catholic Mass (EWTN)
> 
> It is our fundamental right to worship. EWTN is a global Catholic 
> network. Catholics can attend mass, recite the rosary, pray the angelus, 
> sing the chaplet of mercy daily especially when ill or unable to travel. 
> Those not willing to listen to the Gospel or Word of God can turn off the 
> television and not turn off our right.
> 
> Please, if you don't wish to participate, return email to whoever 
> sent it to you so they can at least keep this email going or forward it to 
> some one you know who will wish to participate. Otherwise read on and it 
> tells you how to add your name &forward.
> 
> Dr. Dobson is going on CNBC to urge every Christian to get 
> involved. I hope you will sign and forward to all your family and friends.
> 
> An organization has been granted a Federal Hearing on the same 
> subject by the Federal Communications Commission (FCC) in Washington, D.C. 
> Their petition, Number 2493, would ultimately pave the way to stop the 
> reading of the gospel of our Lord and Savior on the airwaves of America. 
> They got 287,000 signatures to back their stand! If this attempt is 
> successful, all Sunday worship services being broadcast on the radio or by 
> television will be stopped. This group is also campaigning to remove all 
> Christmas programs and Christmas carols from public schools! You as a 
> Christian can help! We are praying for at least one million signatures. This 
> would defeat their effort and show that there are many Christians alive, 
> well and concerned about our country. As Christians, we must unite on this. 
> Please don't take this lightly. We ignored one lady once and lost prayer in 
> our schools=2 0and in offices across the nation. Please stand up for your 
> religious freedom and let your voice be heard. Together we can make a 
> difference in our country while creating an opportunity for the lost to know 
> the Lord.
> 
> 
> NOTE: For those who do not know how to add your name to the list 
> you must first hit the forward button first and then you scroll down to the 
> bottom of the list, add your name then forward it on to your family&friends. 
> So many people do not know this and are forwarding it without their names 
> added. Don't delete any other names, just go to the next number and type 
> your name. Please do not sign jointly such as Mr. & Mrs., each person should 
> sign his/her20own name.

A long list of names followed. Information on this particular scam goes back to 1974 and is described at Snopes.com (thanks to Larry, Mark, Mary, and Maryanne). But for a moment, let's pretend it was not a scam. Would this kind of email be effective?

Is This Kind Of Mail Effective?

Not really. There would be no way whatsoever for a politician or commission member to know whether the list was accurate when it finally came to them. In fact, they know that it is not accurate.

If I send a list of 100 names to 100 people, they each add their names and then send it to the FCC, they end up receiving 100 lists of 101 names each for a total of 10,100 names even though only 101 (or likely less) are actually unique. Then, of course, they don't know that one person did not sit down and make up 50 of the names themselves. There is no cost to adding yourself to a list and no reason not to cheat. Web sites belonging to groups who collect the names centrally, limit each person to one addition, and remove the duplicates are a bit better, but sending individual emails, phone calls, and letters to the FCC would be much more effective and they would pay more attention.

Why Is the Email Potentially Dangerous?

Why do these scams circulate? Many of them even the original author must have known it was not real. Why was it sent? Well, in one way, this kind of email can be effective: effective at aiding and abetting identity theft.

This is not obvious to most people because they do not necessarily understand how email works and the kind of information it carries with it, let alone how criminals can use it and social engineering to get more information and commit crimes. Sometimes such an email actually contains a virus or contains a link to a virus, such as this scam email I wrote about recently about a supposed Swine Flu Conference where mass, forced inoculations were to be discussed. Such a virus may not just be aimed at infecting "suckers" who walk into the trap, they may sometimes be specifically targeted at the political groups who would be susceptible to their message. Is there a group out there who wanted to be able to specifically monitor the computers of people who would be worried about the threat of mass inoculations? Perhaps. How could we tell?

But a virus does not need to be included to have an effect. Just getting large numbers of people to contact the authorities over a bogus issue can discredit a political group. But there is a much more sinister and mundane criminal motive as well: compiling lists of email and network addresses from the forwarding chain.

When you forward an email like that, especially when you include a large number of addresses in the To: line, that email now contains a list of addresses of people you know as well as information about their computers and network connections--- in the headers of the email which are not normally shown by your mail program. When you forward the email on, that information is added to. The information includes who handles your email but can contain interesting tidbits like the fact that I use a mail forwarding service and many of my public email addresses are just aliases. It might tell someone whether you tend to connect and send email from work or home and possibly what the address of your work system is.

As the email gets forwarded, many people will leave the old information in place and add a new note: "Please read this, it's important." The email addresses the message was sent to previously are also often included, even if none of them passed it on. The hundreds of email addresses appearing in a long forward chain--- and their connections, who knows who--- can be very useful information for a criminal. They can use it for a practice called 'pretexting', a kind of social engineering where they call you up pretending to be someone you might know but not very well, possibly someone you do business with (e.g. your Internet Service Provider), and use the conversation to get more information out of you. They may get enough to be able to email you a message with an attachment (such as a video) that they can be reasonably certain you will open and which contains a virus or to be able to call up your real ISP or phone company and make changes to your service. After several calls or emails to several people, they might find something that let's them commit a crime: simple identity theft, sale of email addresses to SPAMmers, fraud, even robbery or kidnapping.

The science of getting information out of the web of connections is well-developed. For instance, government grants have been given for analyzing FaceBook webs of friends to determine someone's political affiliation or religious leanings without them having actually posted that information. A clever criminal will count on eventually receiving the chain-letter back and being able to analyze the results. They may rely on luck and the fact that these chain letters travel very quickly, or they may sign up to a mailing list on a related subject which they know will be sent copies of the message.

What This Means

When you get an email like this, especially one that asks you to take action, ask yourself some questions and take some precautions:

  • Do you know the person who sent it to you? Are they likely to have checked the source and verified the facts?
  • Attempt to verify some of the facts yourself and do this before you follow any links in the email or open any attachments. If you do not know how to check or where to look, ask someone you trust.
  • Look at common sites that list scams, tall tails, or computer security threats such as Snopes.com or the vendor of your virus scanner. Look at common websites or blogs on the subject (but do not follow links in the email) and see if there is any discussion of the subject in your email.
  • If you do decide to open attachments in the email (which I rarely recommend), scan them with a virus scanner. You might also try running them as another, low-privilege user (such as a "Guest" account) and probably not on your business computer or one you use for online banking.
  • For web links, make sure you know how to see the actual address in the email, not just the text the writer wanted you to see. For instance, it is very easy for an email writer to put a link to "opencongress.org" which actually goes to "mydenofnastythings.com?download=nastyvirus.exe". In the Apple Mail program, for instance, I can disable viewing of HTML (just the text) or use "View Raw Source" to see everything in the email.
  • If it claims to be from a common web site such as cnn.com or eff.org, type the address into your browser by hand or follow your own bookmark rather than following the link in the email (which may not be what it seems).
  • Use AVG's LinkScanner tool to see if the link contains any obvious threats (such as a known virus). You can cut and paste addresses into their website one-at-a-time for free or, if you use Windows, you can buy LinkScanner as part of their Home Security package.
  • Use a tool in your web browser that helps detect phishing scams and dangerous sites by checking them against a list of known threats. I use WOT, a common Firefox plugin.
  • Disable Javascript and plugins when you visit a potentially dangerous site. I use NoScript under Firefox to let me turn script support on only for sites I already trust.
  • Use a tool such as TOR (The Onion Router) to disguise your identity when you connect to a suspicious site which might be trying to track users. Tor works under FireFox. MacWare makes a tool called WebGhost for Safari and Camino users. These tools route your connection through a network of proxies so that the website has no idea where you actually came from. They also provide some protection against malicious scripts and plugins. (Sorry, I do not use Internet Explorer.)

But probably the biggest tip is not to forward emails. If you want a lot of people to see it, put it on an appropriate blog or email list after deleting the information about who sent it to you and who might have sent it to them. It is a lot harder for a crook to figure out everyone who visited your blog or reads the email list.

Blind Carbon Copy, A Safer Tool

But here is a simple trick if you want to email something to a group of people a little more safely. Put yourself in the To: line, just yourself. Now put everyone else in the BCC: line. This stands for Blind Carbon Copy. Your mail server will send a copy to everyone you wish but will not tell anyone who else it was BCC'ed to. All they see is that you sent it to yourself.
Last Updated ( Friday, 11 December 2009 07:48 )
 
blog comments powered by Disqus
  

Login