Hoaxes Used in the Research
The survey focuses on six different hoaxes. These hoaxes were selected using the lists of virus hoaxes as provided by various security software companies. For this research the websites of Sophos, Symantec, Mc-Afee and F-Secure were used.
Initially, eleven hoaxes were chosen based on information about their current spreading (as available on the aforementioned websites). These hoaxes were subjected to research on three major search engines: AltaVista, Alltheweb and Google (both web & Usenet search).
From the combined results of all search engines the average of the natural logarithm was taken and it was this final result that was used to make up the ranking of the hoaxes. The results of the eleven chosen hoaxes were then compared to find six hoaxes which had enough variation to test several grades of success in spreading. A correlation needed to be found so it was decided that it would be best to make three groups of hoaxes, a high spreading one, a middle spreading and a group of hoaxes that was not very successful but still successful enough to be used in quantitative research without having to classify the results as ‘not trustworthy due to a too small sample’.
To avoid interference of two or more hoaxes over each other in the survey, the hoaxes were also filtered based on their content and methodology. For example the virus hoaxes sulfnbk.exe and jdbgmgr.exe both scored within the top three results of virus hoaxes found online but they contain the same type of warning; the first one targeting sulfnbk.exe, the second one demanding to delete jdbgmgr.exe. It is likely that if these two hoaxes would both have been included in the same survey, they would have a strong influence on each other as far as criteria such as novelty are concerned.
The hoaxes that were selected to be tested in the end were: jdbgmgr.exe, Good Times, Penpal Greetings, WTC Survivor, California IBM and Buddylst.