Truth About Computer Security Hysteria

SandMan hacker alert

One of the most popular "hacker alerts," first seen in 1997 and still going strong today. Usually now included as part of a combination virus alert (see related link). It claims "someone named SandMan" may ask you to check out his website. The instant you do so, the website automagically "hacks into your C:/ drive."

Gullible users ironically mention the evil URL in their own warning messages. By their own logic, they place loved ones at risk of getting hacked with one errant mouse click! Some trivia: the URL now points to a fan site for the popular "ER" television series. Still, the chain letter continues.

A person calling himself "SandMan" probably existed in 1997 and he perhaps owned the web page in question at the time — yet no evidence exists to show he used it for evil purposes. His page may have pleaded for/against abortion or gun control for all we know.

As you might expect, malicious people now use variations of the "SandMan" alert to slander others. "Don't read email from {name}, he sends out deadly viruses! Don't visit {name}'s website, it'll hack into your C: drive! Pass this alert on to everyone you know! Better safe than sorry! Let's all be careful out there!"

Most hoax alerts undergo modification as time passes (gullible users sometimes edit the emails they forward). Amazingly, the SandMan alert remains basically the same after all these years. The only notable changes appear in (1) the hacker's name, whenever spellcheck software replaces "SandMan" with "Sandman"; and (2) in the phrase "C:/ drive," whenever astute-yet-gullible readers change it to "C:\ drive."

Last updated: 2000/7/31