Archive

Archive for the ‘id theft’ Category

HOW TO: Report the Microsoft phone scam

September 18th, 2014 No comments

If someone calls you from Microsoft technical support and offers to help you fix your computer, mobile phone, or tablet, this is a scam designed to install malicious software on your computer, steal your personal information, or both.

Do not trust unsolicited calls. Do not provide any personal information.

You can report this scam to the following authorities:

Whenever you receive a phone call or see a pop-up window on your PC and feel uncertain whether it is from someone at Microsoft, don’t take the risk. Reach out directly to one of our technical support experts dedicated to helping you at the Microsoft Answer Desk. Or you can simply call us at 1-800-426-9400 or one of our customer service phone numbers for people located around the world. 

HOW TO: Report the Microsoft phone scam

September 18th, 2014 No comments

If someone calls you from Microsoft technical support and offers to help you fix your computer, mobile phone, or tablet, this is a scam designed to install malicious software on your computer, steal your personal information, or both.

Do not trust unsolicited calls. Do not provide any personal information.

You can report this scam to the following authorities:

Whenever you receive a phone call or see a pop-up window on your PC and feel uncertain whether it is from someone at Microsoft, don’t take the risk. Reach out directly to one of our technical support experts dedicated to helping you at the Microsoft Answer Desk. Or you can simply call us at 1-800-426-9400 or one of our customer service phone numbers for people located around the world.

Congratulations! You’ve won $800,000!!

Well, maybe not.

But that’s just one of the many ploys that scammers send in their relentless efforts to part people from their money or sensitive personal information like passwords and account numbers.

Microsoft is asking people to take a survey of their experience with online fraud—what kinds of scams they’ve encountered (including those on mobile devices and Facebook), how concerned they are about online or phone fraud, and what steps they take to protect themselves.

In 2012, Microsoft fielded its first such study, interviewing 1,000 US residents to understand their exposure to, and perception of, online fraud and scams.

Respondents reported having encountered roughly eight different scams on average, with these as the top four:

  • Scams that promise free things or coupons (44 percent)

  • Fake antivirus alerts that imitate real programs offering virus repair but that download malware instead (40 percent)

  • Phishing scams using fake messages that mimic those of trusted businesses to trick people into revealing personal information (39 percent)

  • Fraud that features a request for bank information or money upfront from someone (such as a “foreign prince”) who needs help transferring large sums of money for a cut of the total (39 percent)

In the new survey, we’re interested in how scams and responses to scams might have changed since 2012. Are there different scams? What are the most common? Where are they most often occurring—on mobile devices? On Facebook?

Results of our last survey showed that nearly everyone (97 percent) took steps to safeguard their computers, but more than half (52 percent) did nothing at all to protect their mobile devices. So we’re particularly interested to see if these numbers have changed. 

You can help us fight online scams and fraud by taking our survey.

We will release the results of the survey during National Cyber Security Awareness Month this October. Follow the hashtag #NCSAM to read the story. 

Congratulations! You’ve won $800,000!!

September 2nd, 2014 No comments

Well, maybe not.

But that’s just one of the many ploys that scammers send in their relentless efforts to part people from their money or sensitive personal information like passwords and account numbers.

Microsoft is asking people to take a survey of their experience with online fraud—what kinds of scams they’ve encountered (including those on mobile devices and Facebook), how concerned they are about online or phone fraud, and what steps they take to protect themselves.

In 2012, Microsoft fielded its first such study, interviewing 1,000 US residents to understand their exposure to, and perception of, online fraud and scams.

Respondents reported having encountered roughly eight different scams on average, with these as the top four:

  • Scams that promise free things or coupons (44 percent)
  • Fake antivirus alerts that imitate real programs offering virus repair but that download malware instead (40 percent)
  • Phishing scams using fake messages that mimic those of trusted businesses to trick people into revealing personal information (39 percent)
  • Fraud that features a request for bank information or money upfront from someone (such as a “foreign prince”) who needs help transferring large sums of money for a cut of the total (39 percent)

In the new survey, we’re interested in how scams and responses to scams might have changed since 2012. Are there different scams? What are the most common? Where are they most often occurring—on mobile devices? On Facebook?

Results of our last survey showed that nearly everyone (97 percent) took steps to safeguard their computers, but more than half (52 percent) did nothing at all to protect their mobile devices. So we’re particularly interested to see if these numbers have changed.

You can help us fight online scams and fraud by taking our survey.

We will release the results of the survey during National Cyber Security Awareness Month this October. Follow the hashtag #NCSAM to read the story.

Create stronger passwords and protect them

August 25th, 2014 No comments

All week we’ll be posting our best guidance on how to create, protect, and manage your passwords.

Passwords are your first line of defense against hackers. Pick passwords that are difficult to crack but easy for you to remember.

What does “difficult to crack” mean?

Each time cybercriminals hack into a database of passwords, they learn more about the kinds of passwords that people use. (Come back on Friday to read Part 3 of our password series on what passwords you should never, ever use.) Now, even passwords that we think are tricky can be guessed by cybercriminals who’ve harnessed the right technology to crack passwords.

The best passwords are the most unpredictable

Stuart Schechter and other colleagues from Microsoft Research have developed a free online tool that helps you avoid passwords that are predictable. Try the tool.

A strong password:

  • Contains at least eight characters.

  • Does not contain your user name, real name, or company name.

  • Does not contain a complete word.

  • Is significantly different from previous passwords.

  • Is different from passwords that you’ve used on other websites.

Get more advice on how to create strong passwords.

6 ways to protect your password

Once you’ve chosen a strong password, you can protect it from hackers by following a few simple rule:

  1. Don’t share your password with friends.

  2. Never give your password to people who call you on the phone or send unsolicited email, even if they claim to be from Microsoft.

  3. Change your password regularly.

  4. Tell your children not to share your passwords (or theirs) with anyone. Check back tomorrow for more guidance on how to help kids create and protect their passwords.

  5. Evaluate password managers and other password tools carefully.  If they keep all your passwords in the cloud, they should use encryption. If the service has problems, understand that you might be locked out of your accounts.

  6. Enable two-step verification. Two-step verification uses two ways to verify your identity whenever you sign in to your Microsoft account. Two-step verification is optional, but we recommend that you use it. Learn how to turn it on.

Learn more about how to protect your passwords.

Create stronger passwords and protect them

August 25th, 2014 No comments

All week we’ll be posting our best guidance on how to create, protect, and manage your passwords.

Passwords are your first line of defense against hackers. Pick passwords that are difficult to crack but easy for you to remember.

What does “difficult to crack” mean?

Each time cybercriminals hack into a database of passwords, they learn more about the kinds of passwords that people use. (Come back on Friday to read Part 3 of our password series on what passwords you should never, ever use.) Now, even passwords that we think are tricky can be guessed by cybercriminals who’ve harnessed the right technology to crack passwords.

The best passwords are the most unpredictable

Stuart Schechter and other colleagues from Microsoft Research have developed a free online tool that helps you avoid passwords that are predictable. Try the tool.

A strong password:

  • Contains at least eight characters.
  • Does not contain your user name, real name, or company name.
  • Does not contain a complete word.
  • Is significantly different from previous passwords.
  • Is different from passwords that you’ve used on other websites.

Get more advice on how to create strong passwords.

5 ways to protect your password

Once you’ve chosen a strong password, you can protect it from hackers by following a few simple rule:

  1. Don’t share your password with friends.
  2. Never give your password to people who call you on the phone or send unsolicited email, even if they claim to be from Microsoft.
  3. Change your password regularly.
  4. Tell your children not to share your passwords (or theirs) with anyone. Check back tomorrow for more guidance on how to help kids create and protect their passwords.
  5. Evaluate password managers and other password tools carefully.  If they keep all your passwords in the cloud, they should use encryption. If the service has problems, understand that you might be locked out of your accounts.

Learn more about how to protect your passwords.

Why do I have to update my email account information?

August 21st, 2014 No comments

We’ve noticed comments from many of you asking why we want you to verify your Microsoft security information. We’d like to explain why verifying this information is important. To help protect your email account and your personal data, we ask everyone who has a Microsoft account to make sure that the security information associated with their account is correct and up to date. When your security information (like an alternate email address or phone number) is current, we can use it to verify your identity.

For example, if you forget your password or if someone else tries to take over your account, Microsoft uses your security details to help you get back into your account.

If you see a message asking you to update or verify your Microsoft account security information, you have seven days to do it. If you no longer have access to your security information, you will have to fill out a support request.

Get a quick overview of how to add security info to your account

Why do I have to update my email account information?

August 21st, 2014 No comments

We’ve noticed comments from many of you asking why we want you to verify your Microsoft security information. We’d like to explain why verifying this information is important. To help protect your email account and your personal data, we ask everyone who has a Microsoft account to make sure that the security information associated with their account is correct and up to date. When your security information (like an alternate email address or phone number) is current, we can use it to verify your identity.

For example, if you forget your password or if someone else tries to take over your account, Microsoft uses your security details to help you get back into your account.

If you see a message asking you to update or verify your Microsoft account security information, you have seven days to do it. If you no longer have access to your security information, you will have to fill out a support request.

Get a quick overview of how to add security info to your account

9 ways to stay safe online this summer

July 17th, 2014 No comments

Summer is in full swing. Here are our best safety and security tips for the season.

  1. Don’t broadcast vacation plans on your social networking sites. If you’re leaving your home unoccupied and at risk for potential burglary, you might want to wait to post your vacation photographs until you return home. Get more tips for email and social networking safety.

  2. Limit who knows your location. Before you go on vacation, take a few minutes to adjust settings for sharing your location on your social networking sites and any apps on your smartphone. If you have kids who go online, make sure they know this, too. For more information, see Use location services more safely.

  3. Set computer and device rules for when you’re not around. If your kids are old enough to stay home alone when they’re not at school, make sure you talk to them about Internet safety. Download our tip sheet for pointers to jump-start—or continue—online safety conversations.

  4. Learn how to use parental controls. All Microsoft products include built-in privacy controls and safeguards that put you in charge of your children’s entertainment experiences and allow you to customize how personal information is, or is not, shared. Get step-by-step guidance on how to switch on safety settings across Microsoft technology and devices at home.

  5. Stay safe when playing games online. If your children’s summer sport of choice is the Xbox, Xbox One, Kinect, or other online or console game, learn about the core family safety features of Xbox One and find other ways to help kids play it safe.

  6. Update your software on your laptop or tablet. Before you go on vacation, make sure all your software is updated, to help prevent problems caused by hackers. If your laptop is still running Windows XP, read about the end of support for Windows XP.

  7. Check the security level of public Wi-Fi networks before you use them. Choose the most secure connection—even if that means you have to pay for access. A password-protected connection (ideally one that is unique for your use) is better than one without a password. Both Windows 7 and Windows 8 can help you evaluate and minimize network security risks.

  8. Avoid typing sensitive information on your laptop using an unsecured wireless connection. If possible, save your financial transactions for after your summer vacation on a secured home connection. For more information, see How to know if a financial transaction is secure.

  9. Watch out for suspicious messages from your friends on vacation asking for money. This is a common scam cybercriminals use when they’ve hacked into someone’s account. Find a different way to contact your friend. Learn more about scam email messages.

5 ways to protect your Microsoft account

May 15th, 2014 No comments

Your Microsoft account (formerly your Windows Live ID) is the combination of an email address and a password that you use to sign in to services such as Xbox LIVE and Outlook.com, as well as devices such as Windows Phone and computers running Windows 8.

A Microsoft account is free and you can use it to:

  • Purchase apps from the Windows Store
  • Back up all your data using free cloud storage
  • Keep all your devices, photos, friends, games, settings, music, up to date and in sync.

5 ways to help protect your Microsoft account

  1. Create a strong password. Strong passwords use a combination of uppercase and lowercase letters, numerals, punctuation marks, and symbols. The longer the better, and don’t use personal information (such as a pet’s name, nickname, or driver’s license number) that can be easily guessed.
  2. Protect your password. Don’t use the same password you use on other sites, and remember to change your Microsoft account password (as well as other passwords) regularly. Watch out for email social engineering scams designed to trick you into turning over your password to a cybercriminal.
  3. Enable two-step verification. Two-step verification uses two ways to verify your identity whenever you sign in to your Microsoft account. Two-step verification is optional, but we recommend that you use it. Learn how to turn it on.
  4. Make sure the security information associated with your account is current. If the alternate email address or phone number you’ve given us changes, update the settings of your account so that we can contact you if there’s a problem.
  5. Watch out for phishing scams. If you receive an email message about the security of your Microsoft account, it could be a phishing scam. Don’t click links in any messages unless you trust or check with the sender. 

Don’t have a Microsoft account yet? See How do I sign up for a Microsoft account?

HOW TO: Recycle your old computers and devices for Earth Day

April 22nd, 2014 No comments

Today is Earth Day. Show your love for the globe by getting rid of your old technology in the most environmentally friendly way possible.

Step 1: Back up files or data you want to keep

Use the backup utilities that are built into Windows XP, Windows Vista, and Windows 7 to transfer files from your old computer to your new one.

If you’re getting rid of a computer that is running Windows 8, use File History.

Step 2: Remove personal information from your computer or device

If you use a Microsoft Certified Refurbisher, they will help you remove your data and help you donate your equipment to people in need around the world.

If you decide to remove the personal information yourself, wipe your hard drive by using specialized software that is designed to government standards and will overwrite your information (Active@ KillDisk and Softpedia DP Wiper are free downloads). 

Step 3: Find a reputable recycler

If you’ve already used a Microsoft Certified Refurbisher, they can help you find the right place for your old computers and devices. If you’re doing it yourself, you can find a list of Microsoft-sponsored recycling opportunities in your area.

Many places will offer rewards for your recycled technology. If you’re getting rid of old Xbox or Playstation games, you might be able to exchange them for a gift card to buy new games.

For more information, see How to more safely dispose of computers and other devices. If you just want to upgrade your operating system, find out if your current computer can run Windows 8.1 and you might not even need to get rid of it.

Heartbleed: What you need to know

April 10th, 2014 No comments

On April 8, 2014, security researchers announced a flaw in the software that is used to protect your information on the web. The vulnerability, known as “Heartbleed,” could potentially allow a cyberattacker to access personal information.

After a thorough investigation, Microsoft determined that Microsoft Account, Microsoft Azure, Office 365, Yammer, and Skype, along with most Microsoft Services, are not impacted by the “Heartbleed” vulnerability. A few services continue to be reviewed and updated with further protections.

We encourage you to be careful what information you provide to websites and help protect the security of your online accounts by using different passwords for different websites, changing your passwords often, and making your passwords as complex as possible.

For more information, see Microsoft Services unaffected by Open SSL “Heartbleed” vulnerability.

Tax scams: 6 ways to help protect yourself

March 20th, 2014 No comments

We’ve received reports that cybercriminals are at it again, luring unsuspecting taxpayers in the United States into handing over their personal information as they rush to file their taxes before the deadline.

Here are 6 ways to help protect yourself.

1.     Beware of all email, text, or social networking messages that appear to be from the IRS. Cybercriminals often send fraudulent messages meant to trick you into revealing your social security number, account numbers, or other personal information. They’ll even use the IRS logo. Read more about how the IRS does not initiate contact with taxpayers by email or use any social media tools to request personal or financial information.
2.       Use technology to help detect scams. Scams that ask for personal or financial information are called “phishing scams.” Internet Explorer, Microsoft Outlook, and other programs have anti-phishing protection built in. Read more about identity theft protection tools that can help you avoid tax scams.
3.       Check to see if you already have antivirus software. If a cybercriminal does fool you with a tax scam that involves downloading malware onto your computer, you might already be protected by your antivirus software. If your computer is running Windows 8, you have antivirus software built in. Download Microsoft Security Essentials at no cost for Windows 7 and Windows Vista. 
4.       Make sure the website uses secure technology. If you’re filing your taxes on the web, make sure that the web address begins with https, and check to see if a tiny locked padlock appears at the bottom right of the screen. For more information, see How do I know if I can trust a website and What is HTTPs?
5.       Think before you download tax apps. Download apps only from major app stores—the Windows Phone Store or Apple’s App Store, for example—and stick to popular apps with numerous reviews and comments.
6.       Be realistic. If it sounds too good to be true, it probably is. From companies that promise to file your taxes for free, to websites that claim you don’t have to pay income tax because it’s unconstitutional—keep an eye out for deliberately misleading statements.

5 things you need to know about tech support scams

February 19th, 2014 No comments

If someone calls you from Microsoft tech support to help you fix your computer, mobile phone, or tablet, this is a scam designed to install malicious software on your computer, steal your personal information, or both.

Do not trust unsolicited calls. Do not provide any personal information.

What you need to know about tech support phone scams:

  1. Microsoft will not make unsolicited phone calls about computer security or software fixes. If you receive a call like this one, it’s a scam, and all you need to do is hang up.

  2. Cybercriminals often use publicly available phone directories, so they might know your name and other personal information when they call you. They might even guess what operating system you’re using.

  3. If you have already given access to your computer to someone who claimed to be from Microsoft, immediately change your computers password, download the Microsoft Safety Scanner, and then make sure you have antivirus software installed.

  4. If you gave someone your credit card information to pay for services, contact your credit card company and alert them to this fraudulent purchase.

  5. The Federal Trade Commission (FTC) has received reports that criminals are taking advantage of consumers’ knowledge of the scam by calling to offer refunds for phony tech support. This is also a scam.

For more information, see Avoid tech support phone scams.

Categories: fraud, id theft, phone scams Tags:

5 safety tips for online dating

February 13th, 2014 No comments

If you’re going to be connecting online this Valentine’s Day (or ever), follow these safety and privacy tips.

  1. Avoid catfishing. This is a type of social engineering designed to entice you into a relationship in order to steal your personal information, your money, or both. Always remember that people on the other end of online conversations might not be who they say they are. Treat all email and social networking messages with caution when they come from someone you don’t know.
  2.  Use online dating websites you trust. Knowing when to trust a website depends in part on who publishes it, what information they want, and what you want from the site. Before you sign up on a site, read the privacy policy. Can’t find it? Find another site. For more information, see How do I know if I can trust a website?
  3.  Be careful with the information you post on online. Before you put anything on a social networking site, personal website, or dating profile, think about what you are posting, who you are sharing it with, and how this will reflect on your online reputation. For more information, watch this video about the dangers of oversharing.
  4.  Be smart about details in photographs. Photographs can reveal a lot of personal information, including identifiable details such as street signs, house numbers, or your car’s license plate. Photographs can also reveal location information. For more information, see Use location services more safely.
  5.  Block and report suspicious people. Use the tools in your email, social networking program, or dating website to block and report unwanted contact. Read this if you think you might already be a victim of a scam.

Remove your personal data before you recycle your old computer or device

January 2nd, 2014 No comments

Chances are good that you or someone in your life got a new PC, laptop, tablet, phone, or other device this holiday season. If you’re going to recycle, donate, or dispose of an old device, help protect your privacy by removing your personal information first.

You can do this yourself, or you can have an authorized refurbisher do it for you.  

Read our step-by-step guide on how to back up your files and choose which method of erasing your hard drive is right for you: How to more safely dispose of computers and other devices.

Also, get information about how to recycle hardware, packaging, and batteries.

10 New Year’s resolutions for your digital devices and your online life

December 31st, 2013 No comments

It’s a new year, which means it’s time to resolve to create healthier habits in our daily lives. But we don’t have to stop at just improving our body, mind, and spirit. It’s also a good idea to resolve to keep our PCs, laptops, smartphones, and social networking sites healthy this year.

1. Keep your software up to date. You can help protect against viruses, fraud, and more by keeping your operating system, antivirus software, antispyware software, web browser, and other software updated. Microsoft releases security updates on the second Tuesday of every month. Learn how to get security updates automatically.

2. Create strong passwords, keep them secret, and change them regularly. This is particularly important for those passwords that safeguard your computer, important accounts (like email or Facebook), and sensitive information, like financial and health data. Get more information about creating strong passwords and protecting them.

3. Use antivirus software. If your computer is running Windows 8, you can use the built-in Windows Defender to help you detect and get rid of spyware and other malware. If your computer is running Windows 7, Windows Vista, or Windows XP, Windows Defender removes spyware.

4. Check and adjust your privacy settings. You can participate in the online world and keep your information private. Learn more about how to manage your privacy settings in Windows, Internet Explorer, your Microsoft account, Windows Phone, and more. 

Watch a video about privacy in action (1:19).

5. Teach your children about online safety. Before kids use computers, gaming consoles, or mobile devices, make sure you agree on clear limits, talk about how to keep accounts and passwords secret, and help them stand up to online bullying. If your child got a new device this holiday season, read this checklist for safety tips.

6. Monitor your children’s online behaviors, and continue to talk to them about Internet safety. If your kids are online, it’s important to have regular online safety conversations and to continue to keep track of what they’re doing. For more information, see Age-based guidelines for kids’ Internet use.

7. Upgrade to modern software that provides the latest security technologies and protections. Advanced security technologies in modern operating systems are specifically designed to make it more difficult, more complex, more expensive, and therefore, less appealing to cybercriminals to exploit vulnerabilities. Learn more about how support for Windows XP ends this year.

8. Use SkyDrive to help protect your personal information. Ransomware is a type of malware designed to infiltrate your computer and hold your files (photos, documents, reports, etc.) hostage until you pay the demanded amount of money to a cybercriminal. One of the best ways to protect your files is to back them up using a removable drive or a cloud service like SkyDrive.

9. Explore new tools for PC protection. If you feel comfortable performing more advanced computer tasks, consider downloading the free Enhanced Mitigation Experience Toolkit (EMET), which will make it even more difficult for malicious hackers and cybercriminals to get into your computer.

10. Ignore fake tech support phone calls. Neither Microsoft nor our partners make unsolicited phone calls (also known as cold calls) to charge you for computer security or software fixes. If you receive a suspicious phone call from someone claiming to be from Microsoft, all you have to do is hang up. For more information, see Avoid tech support phone scams.

 

Online safety tips for travelers

December 19th, 2013 No comments

If you’re travelling this holiday season and you plan to be online, here are a few ways to protect yourself and your family:

Get more mobile and wireless tips.

Shop for gifts online more safely

December 13th, 2013 No comments

If you want to stay home and avoid the crowds this holiday season, you can do all your shopping online. But before you log on, make sure you know how to identify websites that won’t compromise your privacy.

Before you enter your credit card number, check for signs that a site is safe:

  • Verify that the web address starts with https.
  • Check for a lock icon  in the web address window.
  • Look for a seal of approval from an outside Internet trust organization.

Read more about how to know whether you can trust a website.

If you trust a website, there are still things that you can do to protect your privacy:

Read more about how to make safer transactions online.

Microsoft won’t ask for your credit card to unblock your email account

August 1st, 2013 No comments

Tom asks:

I’m getting messages from Microsoft about my email account. The messages say that my account is blocked and I can only unblock it with a credit card number. Is this legit?

No, these messages sound like a phishing scam, a type of identity theft designed to steal your personal information, such as credit card numbers, passwords, account data, or other information. Never provide personal information in response to requests like this. In fact, it’s best not to respond at all. Instead, delete the email message and report it.

If you can’t access your email account, get information on how to recover your hacked account.

Learn how to help protect yourself from email and web scams

If you’ve been a victim of identity theft in the United States, report it right away to the U.S. Federal Trade Commission