Archive

Archive for the ‘cybercriminals’ Category

HOW TO: Report the Microsoft phone scam

September 18th, 2014 No comments

If someone calls you from Microsoft technical support and offers to help you fix your computer, mobile phone, or tablet, this is a scam designed to install malicious software on your computer, steal your personal information, or both.

Do not trust unsolicited calls. Do not provide any personal information.

You can report this scam to the following authorities:

Whenever you receive a phone call or see a pop-up window on your PC and feel uncertain whether it is from someone at Microsoft, don’t take the risk. Reach out directly to one of our technical support experts dedicated to helping you at the Microsoft Answer Desk. Or you can simply call us at 1-800-426-9400 or one of our customer service phone numbers for people located around the world. 

HOW TO: Report the Microsoft phone scam

September 18th, 2014 No comments

If someone calls you from Microsoft technical support and offers to help you fix your computer, mobile phone, or tablet, this is a scam designed to install malicious software on your computer, steal your personal information, or both.

Do not trust unsolicited calls. Do not provide any personal information.

You can report this scam to the following authorities:

Whenever you receive a phone call or see a pop-up window on your PC and feel uncertain whether it is from someone at Microsoft, don’t take the risk. Reach out directly to one of our technical support experts dedicated to helping you at the Microsoft Answer Desk. Or you can simply call us at 1-800-426-9400 or one of our customer service phone numbers for people located around the world.

Congratulations! You’ve won $800,000!!

Well, maybe not.

But that’s just one of the many ploys that scammers send in their relentless efforts to part people from their money or sensitive personal information like passwords and account numbers.

Microsoft is asking people to take a survey of their experience with online fraud—what kinds of scams they’ve encountered (including those on mobile devices and Facebook), how concerned they are about online or phone fraud, and what steps they take to protect themselves.

In 2012, Microsoft fielded its first such study, interviewing 1,000 US residents to understand their exposure to, and perception of, online fraud and scams.

Respondents reported having encountered roughly eight different scams on average, with these as the top four:

  • Scams that promise free things or coupons (44 percent)

  • Fake antivirus alerts that imitate real programs offering virus repair but that download malware instead (40 percent)

  • Phishing scams using fake messages that mimic those of trusted businesses to trick people into revealing personal information (39 percent)

  • Fraud that features a request for bank information or money upfront from someone (such as a “foreign prince”) who needs help transferring large sums of money for a cut of the total (39 percent)

In the new survey, we’re interested in how scams and responses to scams might have changed since 2012. Are there different scams? What are the most common? Where are they most often occurring—on mobile devices? On Facebook?

Results of our last survey showed that nearly everyone (97 percent) took steps to safeguard their computers, but more than half (52 percent) did nothing at all to protect their mobile devices. So we’re particularly interested to see if these numbers have changed. 

You can help us fight online scams and fraud by taking our survey.

We will release the results of the survey during National Cyber Security Awareness Month this October. Follow the hashtag #NCSAM to read the story. 

Congratulations! You’ve won $800,000!!

September 2nd, 2014 No comments

Well, maybe not.

But that’s just one of the many ploys that scammers send in their relentless efforts to part people from their money or sensitive personal information like passwords and account numbers.

Microsoft is asking people to take a survey of their experience with online fraud—what kinds of scams they’ve encountered (including those on mobile devices and Facebook), how concerned they are about online or phone fraud, and what steps they take to protect themselves.

In 2012, Microsoft fielded its first such study, interviewing 1,000 US residents to understand their exposure to, and perception of, online fraud and scams.

Respondents reported having encountered roughly eight different scams on average, with these as the top four:

  • Scams that promise free things or coupons (44 percent)
  • Fake antivirus alerts that imitate real programs offering virus repair but that download malware instead (40 percent)
  • Phishing scams using fake messages that mimic those of trusted businesses to trick people into revealing personal information (39 percent)
  • Fraud that features a request for bank information or money upfront from someone (such as a “foreign prince”) who needs help transferring large sums of money for a cut of the total (39 percent)

In the new survey, we’re interested in how scams and responses to scams might have changed since 2012. Are there different scams? What are the most common? Where are they most often occurring—on mobile devices? On Facebook?

Results of our last survey showed that nearly everyone (97 percent) took steps to safeguard their computers, but more than half (52 percent) did nothing at all to protect their mobile devices. So we’re particularly interested to see if these numbers have changed.

You can help us fight online scams and fraud by taking our survey.

We will release the results of the survey during National Cyber Security Awareness Month this October. Follow the hashtag #NCSAM to read the story.

Do you know your kids’ passwords?

August 27th, 2014 No comments

This is the second of two blog posts on password protection. Read Part 1: Create strong passwords and protect them.

Whether or not you should know all of your kids’ passwords depends on their age, how responsible they are, and your parenting values.

However, kids of any age and responsibility level need to know how to create strong passwords and how to protect those passwords.

Sharing is great, but not with passwords

Your kids should never give their friends their passwords or let them log on to their accounts. Also, be careful sharing your passwords with your kids.

3 strategies for strong passwords

  • Length. Make your passwords at least eight (8) characters long.

  • Complexity. Include a combination of at least three (3) uppercase and/or lowercase letters, punctuation, symbols, and numerals. The more variety of characters in your password, the better.

  • Variety. Don’t use the same password for everything. Cybercriminals can steal passwords from websites that have poor security and then use those same passwords to target more secure environments, such as banking websites.

For more information, see Help kids create and protect their passwords.

Do you know your kids’ passwords?

August 27th, 2014 No comments

This is the second of two blog posts on password protection. Read Part 1: Create strong passwords and protect them. Whether or not you should know all of your kids’ passwords depends on their age, how responsible they are, and your parenting values. However, kids of any age and responsibility level need to know how to create strong passwords and how to protect those passwords.

Sharing is great, but not with passwords

Your kids should never give their friends their passwords or let them log on to their accounts. Also, be careful sharing your passwords with your kids.

3 strategies for strong passwords

  • Length. Make your passwords at least eight (8) characters long.
  • Complexity. Include a combination of at least three (3) uppercase and/or lowercase letters, punctuation, symbols, and numerals. The more variety of characters in your password, the better.
  • Variety. Don’t use the same password for everything. Cybercriminals can steal passwords from websites that have poor security and then use those same passwords to target more secure environments, such as banking websites.

For more information, see Help kids create and protect their passwords.

Microsoft takes on world’s worst cybercriminals

July 15th, 2014 No comments

Microsoft recently took legal action against a group of cybercriminals suspected of spreading malicious software to millions of unsuspecting computer users.

These social media–savvy cybercriminals have not only spread the malware themselves, but they’ve also promoted their malicious tools across the Internet, offering step-by-step instructions to completely control millions of unsuspecting victims’ computers to conduct illicit crimes.

For more information on the legal action, see Microsoft takes on global cybercrime epidemic in tenth malware disruption.

To help protect yourself against cybercrime

  • Keep your operating system and other software updated.
  • Use antivirus software (and keep it updated).
  • Don’t open suspicious email messages, links, or attachments.

Get more guidance at How to boost your malware defense and protect your PC.

5 ways to protect your Microsoft account

May 15th, 2014 No comments

Your Microsoft account (formerly your Windows Live ID) is the combination of an email address and a password that you use to sign in to services such as Xbox LIVE and Outlook.com, as well as devices such as Windows Phone and computers running Windows 8.

A Microsoft account is free and you can use it to:

  • Purchase apps from the Windows Store
  • Back up all your data using free cloud storage
  • Keep all your devices, photos, friends, games, settings, music, up to date and in sync.

5 ways to help protect your Microsoft account

  1. Create a strong password. Strong passwords use a combination of uppercase and lowercase letters, numerals, punctuation marks, and symbols. The longer the better, and don’t use personal information (such as a pet’s name, nickname, or driver’s license number) that can be easily guessed.
  2. Protect your password. Don’t use the same password you use on other sites, and remember to change your Microsoft account password (as well as other passwords) regularly. Watch out for email social engineering scams designed to trick you into turning over your password to a cybercriminal.
  3. Enable two-step verification. Two-step verification uses two ways to verify your identity whenever you sign in to your Microsoft account. Two-step verification is optional, but we recommend that you use it. Learn how to turn it on.
  4. Make sure the security information associated with your account is current. If the alternate email address or phone number you’ve given us changes, update the settings of your account so that we can contact you if there’s a problem.
  5. Watch out for phishing scams. If you receive an email message about the security of your Microsoft account, it could be a phishing scam. Don’t click links in any messages unless you trust or check with the sender. 

Don’t have a Microsoft account yet? See How do I sign up for a Microsoft account?

HOW TO: Recycle your old computers and devices for Earth Day

April 22nd, 2014 No comments

Today is Earth Day. Show your love for the globe by getting rid of your old technology in the most environmentally friendly way possible.

Step 1: Back up files or data you want to keep

Use the backup utilities that are built into Windows XP, Windows Vista, and Windows 7 to transfer files from your old computer to your new one.

If you’re getting rid of a computer that is running Windows 8, use File History.

Step 2: Remove personal information from your computer or device

If you use a Microsoft Certified Refurbisher, they will help you remove your data and help you donate your equipment to people in need around the world.

If you decide to remove the personal information yourself, wipe your hard drive by using specialized software that is designed to government standards and will overwrite your information (Active@ KillDisk and Softpedia DP Wiper are free downloads). 

Step 3: Find a reputable recycler

If you’ve already used a Microsoft Certified Refurbisher, they can help you find the right place for your old computers and devices. If you’re doing it yourself, you can find a list of Microsoft-sponsored recycling opportunities in your area.

Many places will offer rewards for your recycled technology. If you’re getting rid of old Xbox or Playstation games, you might be able to exchange them for a gift card to buy new games.

For more information, see How to more safely dispose of computers and other devices. If you just want to upgrade your operating system, find out if your current computer can run Windows 8.1 and you might not even need to get rid of it.

Tax scams: 6 ways to help protect yourself

March 20th, 2014 No comments

We’ve received reports that cybercriminals are at it again, luring unsuspecting taxpayers in the United States into handing over their personal information as they rush to file their taxes before the deadline.

Here are 6 ways to help protect yourself.

1.     Beware of all email, text, or social networking messages that appear to be from the IRS. Cybercriminals often send fraudulent messages meant to trick you into revealing your social security number, account numbers, or other personal information. They’ll even use the IRS logo. Read more about how the IRS does not initiate contact with taxpayers by email or use any social media tools to request personal or financial information.
2.       Use technology to help detect scams. Scams that ask for personal or financial information are called “phishing scams.” Internet Explorer, Microsoft Outlook, and other programs have anti-phishing protection built in. Read more about identity theft protection tools that can help you avoid tax scams.
3.       Check to see if you already have antivirus software. If a cybercriminal does fool you with a tax scam that involves downloading malware onto your computer, you might already be protected by your antivirus software. If your computer is running Windows 8, you have antivirus software built in. Download Microsoft Security Essentials at no cost for Windows 7 and Windows Vista. 
4.       Make sure the website uses secure technology. If you’re filing your taxes on the web, make sure that the web address begins with https, and check to see if a tiny locked padlock appears at the bottom right of the screen. For more information, see How do I know if I can trust a website and What is HTTPs?
5.       Think before you download tax apps. Download apps only from major app stores—the Windows Phone Store or Apple’s App Store, for example—and stick to popular apps with numerous reviews and comments.
6.       Be realistic. If it sounds too good to be true, it probably is. From companies that promise to file your taxes for free, to websites that claim you don’t have to pay income tax because it’s unconstitutional—keep an eye out for deliberately misleading statements.

Help! Someone is holding my computer hostage

March 18th, 2014 No comments

If you see a pop-up window, webpage, or email message warning you that your computer has been locked because of possible illegal activities, you might be a victim of a criminal extortion scam called ransomware.

Ransomware often masquerades as an official-looking warning from a well-known law enforcement agency, such as the US Federal Bureau of Investigation (FBI).

The aim of ransomware is to prevent you from using your computer until you pay a fee (the “ransom”). If you get an email message or a warning like this, do not follow the payment instructions. If you pay the ransom, the criminals probably won’t unlock your computer and might even install more viruses or steal your personal and financial information.

 

Example of ransomware

What to do if you think you’ve been a victim of ransomware

If you’ve already paid the scammers, you should contact your bank and your local authorities, such as the police. If you paid with a credit card, your bank may be able to block the transaction and return your money.

To detect and remove ransomware and other malicious software that might be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products can detect and remove this threat:

More information about how to prevent and get rid of ransomware

 

 

 

5 safety tips for online dating

February 13th, 2014 No comments

If you’re going to be connecting online this Valentine’s Day (or ever), follow these safety and privacy tips.

  1. Avoid catfishing. This is a type of social engineering designed to entice you into a relationship in order to steal your personal information, your money, or both. Always remember that people on the other end of online conversations might not be who they say they are. Treat all email and social networking messages with caution when they come from someone you don’t know.
  2.  Use online dating websites you trust. Knowing when to trust a website depends in part on who publishes it, what information they want, and what you want from the site. Before you sign up on a site, read the privacy policy. Can’t find it? Find another site. For more information, see How do I know if I can trust a website?
  3.  Be careful with the information you post on online. Before you put anything on a social networking site, personal website, or dating profile, think about what you are posting, who you are sharing it with, and how this will reflect on your online reputation. For more information, watch this video about the dangers of oversharing.
  4.  Be smart about details in photographs. Photographs can reveal a lot of personal information, including identifiable details such as street signs, house numbers, or your car’s license plate. Photographs can also reveal location information. For more information, see Use location services more safely.
  5.  Block and report suspicious people. Use the tools in your email, social networking program, or dating website to block and report unwanted contact. Read this if you think you might already be a victim of a scam.

The best time to change your password is now

January 30th, 2014 No comments

You can reduce your chances of being hacked by regularly changing the passwords on all the accounts where you enter financial or other sensitive information. Set an automatic reminder to update passwords on your email, banking, and credit card websites every three months.

Different sites have different rules for passwords that they’ll accept, but here is some basic guidance on how to create strong passwords:

  • Length. Make your passwords at least eight (8) characters long.
  • Complexity. Include a combination of at least three (3) upper and/or lowercase letters, punctuation, symbols, and numerals. The more variety of characters in your password, the better.
  • Variety. Don’t use the same password for everything. Cybercriminals can steal passwords from websites that have poor security and then use those same passwords to target more secure environments, such as banking websites.

Learn more about how to create strong passwords and protect your passwords.

If you think someone has gone into your account and changed your password, learn how to recover a hacked account.

Q & A: Keeping kids safer online

I recently sat down with Sonia Livingstone, a professor in the Department of Media and Communications at the London School of Economics to discuss children and kids and the Internet.

Q. You’ve spent the last two months at Microsoft’s Cambridge research facility. How did that opportunity come about?

A. I have known danah boyd, who started the Social Media Collective at Microsoft Research New England, for quite a while, since we’re both interested in studying teenagers’ ‘risky’ activities on social networking sites. And I’d known Nancy Baym, who invited me to visit, for even longer—since we began our careers researching the soap opera audience. Now I see parallels between soap opera and social media—they’re both about the everyday ways that people create a shared social world through seemingly mindless but actually significant chat and gossip.

Q. Share a key learning from this experience and how it will influence your work.

A. The lab values intellectual discussion across disciplinary boundaries. We all find this difficult, requiring lots of ‘translation’ to understand what people from different traditions find interesting questions, let alone how they come to their answers. I appreciate the recognition that it is important not to stay siloed in our separate spaces, but to talk across divides and seek common ground. The design of the lab echoes this principle—open doors, flexible spaces for discussion, frequent moments when everyone comes together to talk about ideas. It’s a contrast with the academic model I’m used to.

Q. You’re the lead researcher for the EU Kids Online network, which is the “gold standard” when it comes to kids’ Internet use in the EU. What’s next for this project?

A. We are coming to the end of our third phase of funded activity. The European Commission’s (EC) Safer Internet (now Better Internet for Kids) Programme is changing into something new. We are focused on completing interviews and focus groups in 9 or 10 countries, aiming to understand the contexts in which children talk about online risk and how they try to cope with it—or, what support they think they need. As I look ahead, I see the value of our network both for its high-quality cross-national research and for its infrastructural role, paralleling the networks for awareness raising, children’s charities, and helplines to provide the evidence base for policymaking and practical safety/empowerment initiatives in Europe.

Q. Any observations on the way American parents approach kids and technology compared to their European counterparts?

A. My sense is that parents’ expectations are greater in the US than in Europe, where we rely more on schools to guide kids, but also on kids themselves. For example, British parents generally do not check their child’s phone or laptop because the child’s right to privacy outweighs the parents’ duty to protect. I think American parents strike a different balance, considering that they have a right to check their phone because they pay the bill. As I see it, children have a right to privacy, but parents have a duty of care. That’s a difficult balancing act in any culture. My hope is that we find ways for parents and children to share responsibility and talk openly about risks rather than parents snooping on kids and kids finding ways to escape scrutiny.

Q. How can we make parents, educators, and policymakers aware that there is a difference between risk versus harm, and how should we be thinking about that?

Statistics on risk (for example, the proportion of children being exposed to online pornography) are inevitably higher than statistics on harm (for example, the proportion of children who are damaged, upset, or threatened by online pornography or other online risks). In our findings, around one in eight children aged 9–16 across Europe had seen explicit online sexual images, but only one in three of those said that was an upsetting experience. We can take different positions—some will decide that children don’t know what harms them and that all exposure to explicit porn is harmful; others will decide that children’s voices should be respected; there’ll be positions in between too. My main point is that this should be discussed.

Q. What is industry’s role in this discussion?

Two factors influence when risk turns into harm. The first depends on the child and the circumstances in which they use the Internet. A psychologically vulnerable child has less resilience when finding extreme images and is more readily upset. The second depends on the industry’s design of the online environment. If a mildly pornographic image links to more extreme images, risks can lead to harm. If a search for self-harm offers professional advice on sources of help (instead of peer advice on how to cut), risk may not lead to harm.

One hopes that multiple stakeholders—including industry, child welfare, and researchers—will discuss openly where the risks are arising and work together to minimize harm. Ideally, they’d find ways that don’t restrict children’s opportunities to explore and benefit from the Internet.

Q. What do you think parents struggle with the most, and what would you tell them to help calm their anxiety about their kid’s digital lifestyles?

I think parents struggle with two things in particular. The first is that the media are full of panicky headlines that raise fears of abduction, porn addiction, and cyberbullying, and it would help if the media could raise awareness in a more balanced and proportionate way. The second is that they struggle with protecting versus empowering their children. Parents want to trust their kids and respect their privacy. Stakeholders need to provide more nuanced and age-sensitive advice to guide parents. And parents should read the press more critically and listen to their children more sensitively.

Q. Kids are going online at increasingly younger ages. Most of our work focuses on reaching parents of children and teens, but who is thinking about the really young kids, 2–5-year-olds?

The marketing and content industries are thinking about very young kids as a new market. Despite claims of educational outcomes, there is very little evidence that it benefits kids to be going online so young. A few researchers are also studying the contexts and consequences of young kids’ Internet use, and I hope we see more of this in the future.

Q. Where is the online safety debate headed? There is talk about moving from a “safer” to a “better” Internet, and from protecting kids to empowering them. Is a shift taking place? What will the impact be?  

The argument for a better Internet for kids is a good one: there’s no point having a safe Internet if it has little that’s great for kids to do. Dealing with the risk of harm should become a ‘hygiene factor’: like immunizations against disease or reliable systems for clean water, life without good hygiene is problematic, even intolerable. Once those systems are in place, the important questions are about how society should be organized for positive goals. We are so preoccupied with eliminating threats that we’ve lost sight of what we want for the Internet. Remember those early debates about kids having the world of knowledge at their fingertips. What’s our present vision of what we want for kids? That’s where creative thinking is now needed.

Q. There has been a lot in the news from the UK recently. Any thoughts on what PM Cameron is trying to accomplish?

Our prime minister has put children’s Internet safety high on the political agenda. He is focused on eliminating child abuse images from the Internet. He has also insisted that all ISPs provide usable filters for parents. While welcoming both developments, I have two concerns. The first is that we will need new research to be sure that the benefits are reaching children: will children encounter fewer risks online, will their parents feel more empowered to deal with what worries them, and will this be achieved in ways that don’t restrict children’s rights to free expression, privacy, and participation. Second, government intervention online always raises concerns about wider freedom of expression, censorship, and rights. I would like to see an independent, accountable, trusted body established to oversee child protection and empowerment online in a way that responds to wider public concerns. This would also help ensure that Internet safety remains on the agenda.

Q. Lastly, the theme for Safer Internet Day in 2014 is “Let’s Create a Better Internet Together.” Will you be doing anything special to mark the day?

A. We plan to release the first part of our report on the qualitative work on kids’ perceptions of risk that I described earlier. But the findings are a secret till then! I will be in Brussels announcing the winner of the EC’s positive online content competition, of which I chair the jury. That’s a nice role—celebrating what’s good about the Internet for kids.

10 New Year’s resolutions for your digital devices and your online life

December 31st, 2013 No comments

It’s a new year, which means it’s time to resolve to create healthier habits in our daily lives. But we don’t have to stop at just improving our body, mind, and spirit. It’s also a good idea to resolve to keep our PCs, laptops, smartphones, and social networking sites healthy this year.

1. Keep your software up to date. You can help protect against viruses, fraud, and more by keeping your operating system, antivirus software, antispyware software, web browser, and other software updated. Microsoft releases security updates on the second Tuesday of every month. Learn how to get security updates automatically.

2. Create strong passwords, keep them secret, and change them regularly. This is particularly important for those passwords that safeguard your computer, important accounts (like email or Facebook), and sensitive information, like financial and health data. Get more information about creating strong passwords and protecting them.

3. Use antivirus software. If your computer is running Windows 8, you can use the built-in Windows Defender to help you detect and get rid of spyware and other malware. If your computer is running Windows 7, Windows Vista, or Windows XP, Windows Defender removes spyware.

4. Check and adjust your privacy settings. You can participate in the online world and keep your information private. Learn more about how to manage your privacy settings in Windows, Internet Explorer, your Microsoft account, Windows Phone, and more. 

Watch a video about privacy in action (1:19).

5. Teach your children about online safety. Before kids use computers, gaming consoles, or mobile devices, make sure you agree on clear limits, talk about how to keep accounts and passwords secret, and help them stand up to online bullying. If your child got a new device this holiday season, read this checklist for safety tips.

6. Monitor your children’s online behaviors, and continue to talk to them about Internet safety. If your kids are online, it’s important to have regular online safety conversations and to continue to keep track of what they’re doing. For more information, see Age-based guidelines for kids’ Internet use.

7. Upgrade to modern software that provides the latest security technologies and protections. Advanced security technologies in modern operating systems are specifically designed to make it more difficult, more complex, more expensive, and therefore, less appealing to cybercriminals to exploit vulnerabilities. Learn more about how support for Windows XP ends this year.

8. Use SkyDrive to help protect your personal information. Ransomware is a type of malware designed to infiltrate your computer and hold your files (photos, documents, reports, etc.) hostage until you pay the demanded amount of money to a cybercriminal. One of the best ways to protect your files is to back them up using a removable drive or a cloud service like SkyDrive.

9. Explore new tools for PC protection. If you feel comfortable performing more advanced computer tasks, consider downloading the free Enhanced Mitigation Experience Toolkit (EMET), which will make it even more difficult for malicious hackers and cybercriminals to get into your computer.

10. Ignore fake tech support phone calls. Neither Microsoft nor our partners make unsolicited phone calls (also known as cold calls) to charge you for computer security or software fixes. If you receive a suspicious phone call from someone claiming to be from Microsoft, all you have to do is hang up. For more information, see Avoid tech support phone scams.

 

Shop for gifts online more safely

December 13th, 2013 No comments

If you want to stay home and avoid the crowds this holiday season, you can do all your shopping online. But before you log on, make sure you know how to identify websites that won’t compromise your privacy.

Before you enter your credit card number, check for signs that a site is safe:

  • Verify that the web address starts with https.
  • Check for a lock icon  in the web address window.
  • Look for a seal of approval from an outside Internet trust organization.

Read more about how to know whether you can trust a website.

If you trust a website, there are still things that you can do to protect your privacy:

Read more about how to make safer transactions online.

Using SkyDrive this holiday season can help protect your personal information

It’s no surprise that the holidays are one of the busiest times of the year for online shopping.  But did you know it’s also one of the busiest times for uploading pictures to photo sharing and social media sites?  On average, more than 250 million photos per day were uploaded to Facebook alone during October, November and December of 2011.

That only includes the number of photos uploaded online, it doesn’t take into consideration, the photos being stored on personal devices and computers.  This number only continues to grow.

Think about all those special get-togethers with family and friends that we capture and store on our devices. Now imagine, all of those precious moments in time, being locked and held for ransom.  Well that’s exactly what’s happening with an emerging type of malware scheme known as ransomware.

Ransomware is a type of malware designed to infiltrate your computer and hold your files (photos, documents, reports, etc.) hostage until you pay the demanded amount of money to a cybercriminal.  These files are being held ransom for money in some cases as much as $500.  And paying the money doesn’t necessarily mean you’ll get your files back.

According to the recently published Microsoft Security Intelligence Report volume 15, ransomware is on the rise.    So what does it look like? 

Ransomware often masquerades as an official-looking warning from a well-known law enforcement agency, such as the US Federal Bureau of Investigation (FBI) or the Metropolitan Police Service of London.  It can look like a pop-up, accusing you of committing a computer-related crime, or a locked screen requiring a password.  If you see these indicators, don’t pay the ransom.  It’s most likely the latest scam created by cybercriminals to try and extort money.

One of the best ways to protect your files is to back them up using a removable drive or a cloud service like SkyDrive.

In addition to backing up your files, there are best practices that can help prevent ransomware from infecting your computer: 

  • Keep all software installed up to date. 
  • Use modern software that provides the latest security technologies and protections.
  • Install and use an up-to-date, real time anti-malware solution from a vendor you trust. Some anti-malware software options are available on Microsoft’s security partner webpage.
  • Don’t click on links or open attachments from untrusted sources.

You can also visit What is ransomware? for more information about ransomware and how computer users can avoid being taken advantage of by these threats.   For additional guidance, regularly check our Safety & Security Center, where all of our tools and materials are available, including our Digital Citizenship in Action Toolkit. “Like” our page on Facebook, and follow us on Twitter.  Get proactive and get involved – in online safety.  

How do I keep my firewall on?

August 27th, 2013 No comments

Using a firewall is like locking the front door to your house—it helps keep intruders (in this case, hackers and malicious software) from getting in. Windows Firewall is included in Windows and is turned on by default.

If you see a warning that your firewall is turned off, it could be because:

  • You or someone else has turned off your firewall.
  • You or someone else has installed antivirus software that includes a firewall and that disables Windows Firewall.
  • The warnings that you see are fake alerts, caused by malicious software.

You do not need to turn off your firewall

There are two ways to allow an app or a program through a firewall. Both are risky, but not as risky as turning off your firewall. Learn how to allow an app through a firewall in Windows 8 or Windows 7.

Check your firewall settings in Windows 8

If you think your firewall is turned off, open Windows Firewall by swiping in from the right edge of the screen, tapping Search (or if you’re using a mouse, pointing to the upper-right corner of the screen, moving the mouse pointer down, and then clicking Search). Type firewall in the search box, tap or click Settings, and then tap or click Windows Firewall.

In the left pane, tap or click Turn Windows Firewall on or off . You might be asked for an admin password or to confirm your choice.

For more information, see Windows Firewall from start to finish.

Check your firewall settings in Windows 7 and Windows Vista

If you think your firewall is turned off, follow these steps:

  1. Open Windows Firewall by clicking the Start button , and then clicking Control Panel. In the search box, type firewall, and then click Windows Firewall.
  2. In the left pane, click Turn Windows Firewall on or off.  If you’re prompted for an administrator password or confirmation, type the password or provide confirmation.
  3. Below each network location type, click Turn on Windows Firewall, and then click OK. We recommend that you turn on the firewall for all network location types.

You don’t need antivirus software that includes a firewall

Because Windows comes with a firewall, you don’t need to install an additional one. You don’t need to buy or download antivirus software that includes a firewall.

Windows 8 also comes with built-in antivirus software that is turned on by default, so you do not need to install other antivirus software.

If your computer is running Windows 7, Windows Vista, or Windows XP, you may want to install antivirus software to help protect your computer. You can install Microsoft Security Essentials for free. If you’ve already installed other antivirus software, you will need to uninstall the other antivirus software before you install Microsoft Security Essentials.

Microsoft Security Essentials includes integration with Windows Firewall, so you can turn Windows Firewall on by using Microsoft Security Essentials.

Watch out for fake alerts

Rogue security software is malicious software that might display fake warnings telling you that your firewall is turned off, even if it isn’t. If you think your computer is infected with rogue secure software, use your antivirus software or do a free scan with the Microsoft Safety Scanner. For more information, read Watch out for fake virus alerts.

Microsoft won’t ask for your credit card to unblock your email account

August 1st, 2013 No comments

Tom asks:

I’m getting messages from Microsoft about my email account. The messages say that my account is blocked and I can only unblock it with a credit card number. Is this legit?

No, these messages sound like a phishing scam, a type of identity theft designed to steal your personal information, such as credit card numbers, passwords, account data, or other information. Never provide personal information in response to requests like this. In fact, it’s best not to respond at all. Instead, delete the email message and report it.

If you can’t access your email account, get information on how to recover your hacked account.

Learn how to help protect yourself from email and web scams

If you’ve been a victim of identity theft in the United States, report it right away to the U.S. Federal Trade Commission

Why does my AV software keep turning off?

July 25th, 2013 No comments

Bob writes:

My antivirus software keeps turning off and I can’t get it back on.

Here are the most common reasons you might encounter this problem:

Your computer is already infected with rogue security software

The warning that you’re antivirus software is turned off might be a fake alert, also known as “rogue security software.” This type of warning is designed to fool you into downloading malicious software or paying for antivirus software. Take our Real vs. Rogue quiz to see if you can identify the difference.”

You have more than one antivirus program

Your antivirus software could turn off if you try to install another antivirus program. Running more than one antivirus program at the same time can cause conflicts and errors that make your antivirus protection less effective or not effective at all.

You might have a virus

Some viruses can disable your antivirus software or disable updates to your antivirus software. Viruses can also prevent you from going online to update or reinstall your antivirus software.

For troubleshooting help, see What to do if your antivirus software stops working.