Archive

Archive for the ‘cybersafety’ Category

HOW TO: Report the Microsoft phone scam

September 18th, 2014 No comments

If someone calls you from Microsoft technical support and offers to help you fix your computer, mobile phone, or tablet, this is a scam designed to install malicious software on your computer, steal your personal information, or both.

Do not trust unsolicited calls. Do not provide any personal information.

You can report this scam to the following authorities:

Whenever you receive a phone call or see a pop-up window on your PC and feel uncertain whether it is from someone at Microsoft, don’t take the risk. Reach out directly to one of our technical support experts dedicated to helping you at the Microsoft Answer Desk. Or you can simply call us at 1-800-426-9400 or one of our customer service phone numbers for people located around the world. 

HOW TO: Report the Microsoft phone scam

September 18th, 2014 No comments

If someone calls you from Microsoft technical support and offers to help you fix your computer, mobile phone, or tablet, this is a scam designed to install malicious software on your computer, steal your personal information, or both.

Do not trust unsolicited calls. Do not provide any personal information.

You can report this scam to the following authorities:

Whenever you receive a phone call or see a pop-up window on your PC and feel uncertain whether it is from someone at Microsoft, don’t take the risk. Reach out directly to one of our technical support experts dedicated to helping you at the Microsoft Answer Desk. Or you can simply call us at 1-800-426-9400 or one of our customer service phone numbers for people located around the world.

Congratulations! You’ve won $800,000!!

Well, maybe not.

But that’s just one of the many ploys that scammers send in their relentless efforts to part people from their money or sensitive personal information like passwords and account numbers.

Microsoft is asking people to take a survey of their experience with online fraud—what kinds of scams they’ve encountered (including those on mobile devices and Facebook), how concerned they are about online or phone fraud, and what steps they take to protect themselves.

In 2012, Microsoft fielded its first such study, interviewing 1,000 US residents to understand their exposure to, and perception of, online fraud and scams.

Respondents reported having encountered roughly eight different scams on average, with these as the top four:

  • Scams that promise free things or coupons (44 percent)

  • Fake antivirus alerts that imitate real programs offering virus repair but that download malware instead (40 percent)

  • Phishing scams using fake messages that mimic those of trusted businesses to trick people into revealing personal information (39 percent)

  • Fraud that features a request for bank information or money upfront from someone (such as a “foreign prince”) who needs help transferring large sums of money for a cut of the total (39 percent)

In the new survey, we’re interested in how scams and responses to scams might have changed since 2012. Are there different scams? What are the most common? Where are they most often occurring—on mobile devices? On Facebook?

Results of our last survey showed that nearly everyone (97 percent) took steps to safeguard their computers, but more than half (52 percent) did nothing at all to protect their mobile devices. So we’re particularly interested to see if these numbers have changed. 

You can help us fight online scams and fraud by taking our survey.

We will release the results of the survey during National Cyber Security Awareness Month this October. Follow the hashtag #NCSAM to read the story. 

Congratulations! You’ve won $800,000!!

September 2nd, 2014 No comments

Well, maybe not.

But that’s just one of the many ploys that scammers send in their relentless efforts to part people from their money or sensitive personal information like passwords and account numbers.

Microsoft is asking people to take a survey of their experience with online fraud—what kinds of scams they’ve encountered (including those on mobile devices and Facebook), how concerned they are about online or phone fraud, and what steps they take to protect themselves.

In 2012, Microsoft fielded its first such study, interviewing 1,000 US residents to understand their exposure to, and perception of, online fraud and scams.

Respondents reported having encountered roughly eight different scams on average, with these as the top four:

  • Scams that promise free things or coupons (44 percent)
  • Fake antivirus alerts that imitate real programs offering virus repair but that download malware instead (40 percent)
  • Phishing scams using fake messages that mimic those of trusted businesses to trick people into revealing personal information (39 percent)
  • Fraud that features a request for bank information or money upfront from someone (such as a “foreign prince”) who needs help transferring large sums of money for a cut of the total (39 percent)

In the new survey, we’re interested in how scams and responses to scams might have changed since 2012. Are there different scams? What are the most common? Where are they most often occurring—on mobile devices? On Facebook?

Results of our last survey showed that nearly everyone (97 percent) took steps to safeguard their computers, but more than half (52 percent) did nothing at all to protect their mobile devices. So we’re particularly interested to see if these numbers have changed.

You can help us fight online scams and fraud by taking our survey.

We will release the results of the survey during National Cyber Security Awareness Month this October. Follow the hashtag #NCSAM to read the story.

Do you know your kids’ passwords?

August 27th, 2014 No comments

This is the second of two blog posts on password protection. Read Part 1: Create strong passwords and protect them.

Whether or not you should know all of your kids’ passwords depends on their age, how responsible they are, and your parenting values.

However, kids of any age and responsibility level need to know how to create strong passwords and how to protect those passwords.

Sharing is great, but not with passwords

Your kids should never give their friends their passwords or let them log on to their accounts. Also, be careful sharing your passwords with your kids.

3 strategies for strong passwords

  • Length. Make your passwords at least eight (8) characters long.

  • Complexity. Include a combination of at least three (3) uppercase and/or lowercase letters, punctuation, symbols, and numerals. The more variety of characters in your password, the better.

  • Variety. Don’t use the same password for everything. Cybercriminals can steal passwords from websites that have poor security and then use those same passwords to target more secure environments, such as banking websites.

For more information, see Help kids create and protect their passwords.

Do you know your kids’ passwords?

August 27th, 2014 No comments

This is the second of two blog posts on password protection. Read Part 1: Create strong passwords and protect them. Whether or not you should know all of your kids’ passwords depends on their age, how responsible they are, and your parenting values. However, kids of any age and responsibility level need to know how to create strong passwords and how to protect those passwords.

Sharing is great, but not with passwords

Your kids should never give their friends their passwords or let them log on to their accounts. Also, be careful sharing your passwords with your kids.

3 strategies for strong passwords

  • Length. Make your passwords at least eight (8) characters long.
  • Complexity. Include a combination of at least three (3) uppercase and/or lowercase letters, punctuation, symbols, and numerals. The more variety of characters in your password, the better.
  • Variety. Don’t use the same password for everything. Cybercriminals can steal passwords from websites that have poor security and then use those same passwords to target more secure environments, such as banking websites.

For more information, see Help kids create and protect their passwords.

Back-to-school checklist: Clean up my digital life

Ever wonder what your online image says about you? Do you constantly “check in” on social media, take daily selfies, or post the latest images of your kids? In an era of seemingly non-stop online sharing of our thoughts, images, and experiences, it’s important to understand the lasting impact our digital actions have on us and those around us.

US households have an average of 5.7 devices for personal and professional use, according to a recent Microsoft study. As this interconnectivity continues to grow, it’s not surprising that people and organizations, including employers or college recruiters for example, turn to social networking sites as a way to help assess potential candidates. Our same research, however, found that only a small percentage of global respondents take key steps to help manage their online reputations:

  • 19 percent edited or deleted information to protect their online reputation;

  • 15 percent used search engines to monitor and manage their personal information online; and

  • 10 percent used a service to edit or delete information about themselves online

This tells me that as connected as we might be, we may not be doing all we can to manage our online personas. So, before kids, and even parents, educators, counselors, and coaches, head back to school, Microsoft wants each of us to make a personal commitment to #Do1Thing to set yourself up for digital success this school year. Visit Microsoft.com/SaferOnline to share your story and learn more about managing your digital life. On the interactive website, you can also:

  • Take our social personality quiz: Which social media cliché are you?  Find out if you’re #HashtagHyper, a Click-Collector, or a One-Upper. Do you know someone who fits each profile? I bet you do.

    • Share your results through social media for the chance to win a MS Nokia Lumia 2520 Red 10.1 Tablet with Windows RT 8.1(Verizon) in our #Do1ThingSweeps sweepstakes

  • Watch our catchy video: It’s your social personality! Share this light-hearted piece with your social circles and help friends and family understand the potential impact of their online behavior.

  • Finally, review each of our online reputation tips and enjoy the dog days of summer knowing you’ve completed your back-to-school checklist.

For more information about Microsoft’s work in Online Safety, visit our Safety & Security Center, “like” us on Facebook, follow us on Twitter, and look for my “point of view” following the #MSFTCOSO hashtag.

9 ways to stay safe online this summer

July 17th, 2014 No comments

Summer is in full swing. Here are our best safety and security tips for the season.

  1. Don’t broadcast vacation plans on your social networking sites. If you’re leaving your home unoccupied and at risk for potential burglary, you might want to wait to post your vacation photographs until you return home. Get more tips for email and social networking safety.

  2. Limit who knows your location. Before you go on vacation, take a few minutes to adjust settings for sharing your location on your social networking sites and any apps on your smartphone. If you have kids who go online, make sure they know this, too. For more information, see Use location services more safely.

  3. Set computer and device rules for when you’re not around. If your kids are old enough to stay home alone when they’re not at school, make sure you talk to them about Internet safety. Download our tip sheet for pointers to jump-start—or continue—online safety conversations.

  4. Learn how to use parental controls. All Microsoft products include built-in privacy controls and safeguards that put you in charge of your children’s entertainment experiences and allow you to customize how personal information is, or is not, shared. Get step-by-step guidance on how to switch on safety settings across Microsoft technology and devices at home.

  5. Stay safe when playing games online. If your children’s summer sport of choice is the Xbox, Xbox One, Kinect, or other online or console game, learn about the core family safety features of Xbox One and find other ways to help kids play it safe.

  6. Update your software on your laptop or tablet. Before you go on vacation, make sure all your software is updated, to help prevent problems caused by hackers. If your laptop is still running Windows XP, read about the end of support for Windows XP.

  7. Check the security level of public Wi-Fi networks before you use them. Choose the most secure connection—even if that means you have to pay for access. A password-protected connection (ideally one that is unique for your use) is better than one without a password. Both Windows 7 and Windows 8 can help you evaluate and minimize network security risks.

  8. Avoid typing sensitive information on your laptop using an unsecured wireless connection. If possible, save your financial transactions for after your summer vacation on a secured home connection. For more information, see How to know if a financial transaction is secure.

  9. Watch out for suspicious messages from your friends on vacation asking for money. This is a common scam cybercriminals use when they’ve hacked into someone’s account. Find a different way to contact your friend. Learn more about scam email messages.

Microsoft takes on world’s worst cybercriminals

July 15th, 2014 No comments

Microsoft recently took legal action against a group of cybercriminals suspected of spreading malicious software to millions of unsuspecting computer users.

These social media–savvy cybercriminals have not only spread the malware themselves, but they’ve also promoted their malicious tools across the Internet, offering step-by-step instructions to completely control millions of unsuspecting victims’ computers to conduct illicit crimes.

For more information on the legal action, see Microsoft takes on global cybercrime epidemic in tenth malware disruption.

To help protect yourself against cybercrime

  • Keep your operating system and other software updated.
  • Use antivirus software (and keep it updated).
  • Don’t open suspicious email messages, links, or attachments.

Get more guidance at How to boost your malware defense and protect your PC.

Trouble installing updates? Might be a case of bad timing

July 10th, 2014 No comments

This week we released security updates for the Windows operating system. If you have automatic updating turned on, your updates have probably already been downloaded and installed for you.

Learn how to get updates automatically

Even if you have automatic updating turned on, you might see an error message telling you that your updates were not installed.

Some errors are simply a matter of bad timing. Sometimes your updates don’t install because the website is too busy or you’re using a slow connection. You can usually fix these problems by trying to install the updates again.

For more information about solving connection problems, see:

Get advance notice about July 2014 security updates

July 3rd, 2014 No comments

Today, the Microsoft Security Response Center (MSRC) posted details about the July security updates.

If you have automatic updating turned on, most of these updates will download and install on their own. Sometimes you may need to provide input for Windows Update during an installation. In this case, you’ll see an alert in the notification area at the far right of the taskbar—be sure to click it.

In Windows 8, Windows will turn on automatic updating during setup unless you choose to turn it off. To check this setting and turn on automatic updating, open the Search charm, enter Turn automatic updating on or off, and tap or click Settings to find it. 

Learn how to install Windows Updates in Windows 7.

If you are a technical professional

The Microsoft Security Bulletin Advance Notification Service offers details about security updates approximately three business days before they are released. We do this to enable customers (especially IT professionals) to plan for effective deployment of security updates.

Sign up for security notifications

Do you know what your children are doing online?

This week in the UK, Microsoft launches the Safer Families program for parents to help their kids stay safer online.

According to recent Microsoft research*:

  • 98 percent of UK parents with children at home agree that protecting their children online is necessary, yet almost 50 percent have not used the family safety settings or functions on the devices their children use.
  • Of these, 50 percent don’t know how to do so, and 50 percent know how, but just haven’t done it yet.

*The survey interviewed 1000 parents in the UK with children at home aged 5-16 years.  

So what can parents do? 

Microsoft makes it easy by providing parental controls that are built into its products and services. The new Safer Families program is designed to help parents remove the feeling of ”parental tech paralysis” and switch on safety settings on your Microsoft technology and devices at home.

Learn more about the Safer Families program and how to turn on parental controls on your Microsoft devices.

5 ways to protect your Microsoft account

May 15th, 2014 No comments

Your Microsoft account (formerly your Windows Live ID) is the combination of an email address and a password that you use to sign in to services such as Xbox LIVE and Outlook.com, as well as devices such as Windows Phone and computers running Windows 8.

A Microsoft account is free and you can use it to:

  • Purchase apps from the Windows Store
  • Back up all your data using free cloud storage
  • Keep all your devices, photos, friends, games, settings, music, up to date and in sync.

5 ways to help protect your Microsoft account

  1. Create a strong password. Strong passwords use a combination of uppercase and lowercase letters, numerals, punctuation marks, and symbols. The longer the better, and don’t use personal information (such as a pet’s name, nickname, or driver’s license number) that can be easily guessed.
  2. Protect your password. Don’t use the same password you use on other sites, and remember to change your Microsoft account password (as well as other passwords) regularly. Watch out for email social engineering scams designed to trick you into turning over your password to a cybercriminal.
  3. Enable two-step verification. Two-step verification uses two ways to verify your identity whenever you sign in to your Microsoft account. Two-step verification is optional, but we recommend that you use it. Learn how to turn it on.
  4. Make sure the security information associated with your account is current. If the alternate email address or phone number you’ve given us changes, update the settings of your account so that we can contact you if there’s a problem.
  5. Watch out for phishing scams. If you receive an email message about the security of your Microsoft account, it could be a phishing scam. Don’t click links in any messages unless you trust or check with the sender. 

Don’t have a Microsoft account yet? See How do I sign up for a Microsoft account?

Get security updates for May 2014

May 13th, 2014 No comments

Microsoft releases security updates on the second Tuesday of every month.

Skip the details and check for the latest updates.

This bulletin announces the release of security updates for Windows, Microsoft Office, and other programs.

To get more information about security updates and other privacy and security issues delivered to your email inbox, sign up for our newsletter.

HOW TO: Recycle your old computers and devices for Earth Day

April 22nd, 2014 No comments

Today is Earth Day. Show your love for the globe by getting rid of your old technology in the most environmentally friendly way possible.

Step 1: Back up files or data you want to keep

Use the backup utilities that are built into Windows XP, Windows Vista, and Windows 7 to transfer files from your old computer to your new one.

If you’re getting rid of a computer that is running Windows 8, use File History.

Step 2: Remove personal information from your computer or device

If you use a Microsoft Certified Refurbisher, they will help you remove your data and help you donate your equipment to people in need around the world.

If you decide to remove the personal information yourself, wipe your hard drive by using specialized software that is designed to government standards and will overwrite your information (Active@ KillDisk and Softpedia DP Wiper are free downloads). 

Step 3: Find a reputable recycler

If you’ve already used a Microsoft Certified Refurbisher, they can help you find the right place for your old computers and devices. If you’re doing it yourself, you can find a list of Microsoft-sponsored recycling opportunities in your area.

Many places will offer rewards for your recycled technology. If you’re getting rid of old Xbox or Playstation games, you might be able to exchange them for a gift card to buy new games.

For more information, see How to more safely dispose of computers and other devices. If you just want to upgrade your operating system, find out if your current computer can run Windows 8.1 and you might not even need to get rid of it.

Tax scams: 6 ways to help protect yourself

March 20th, 2014 No comments

We’ve received reports that cybercriminals are at it again, luring unsuspecting taxpayers in the United States into handing over their personal information as they rush to file their taxes before the deadline.

Here are 6 ways to help protect yourself.

1.     Beware of all email, text, or social networking messages that appear to be from the IRS. Cybercriminals often send fraudulent messages meant to trick you into revealing your social security number, account numbers, or other personal information. They’ll even use the IRS logo. Read more about how the IRS does not initiate contact with taxpayers by email or use any social media tools to request personal or financial information.
2.       Use technology to help detect scams. Scams that ask for personal or financial information are called “phishing scams.” Internet Explorer, Microsoft Outlook, and other programs have anti-phishing protection built in. Read more about identity theft protection tools that can help you avoid tax scams.
3.       Check to see if you already have antivirus software. If a cybercriminal does fool you with a tax scam that involves downloading malware onto your computer, you might already be protected by your antivirus software. If your computer is running Windows 8, you have antivirus software built in. Download Microsoft Security Essentials at no cost for Windows 7 and Windows Vista. 
4.       Make sure the website uses secure technology. If you’re filing your taxes on the web, make sure that the web address begins with https, and check to see if a tiny locked padlock appears at the bottom right of the screen. For more information, see How do I know if I can trust a website and What is HTTPs?
5.       Think before you download tax apps. Download apps only from major app stores—the Windows Phone Store or Apple’s App Store, for example—and stick to popular apps with numerous reviews and comments.
6.       Be realistic. If it sounds too good to be true, it probably is. From companies that promise to file your taxes for free, to websites that claim you don’t have to pay income tax because it’s unconstitutional—keep an eye out for deliberately misleading statements.

Get advance notice about March 2014 security updates

March 6th, 2014 No comments

Today, the Microsoft Security Response Center (MSRC) posted details about the March security updates.

If you have automatic updating turned on, most of these updates will download and install on their own. Sometimes you may need to provide input for Windows Update during an installation. In this case, you’ll see an alert in the notification area at the far right of the taskbar—be sure to click it.

In Windows 8, Windows will turn on automatic updating during setup unless you choose to turn it off. To check this setting and turn on automatic updating, open the Search charm, enter Turn automatic updating on or off, and tap or click Settings to find it. 

For other versions of Windows, you can check whether automatic updating is turned on through the Microsoft Update website. This will open Windows Update in Control Panel; if automatic updating is not turned on, you’ll be guided through the steps to set it up. After that, all the latest security and performance improvements will be installed on your PC quickly and reliably.

If you are a technical professional

The Microsoft Security Bulletin Advance Notification Service offers details about security updates approximately three business days before they are released. We do this to enable customers (especially IT professionals) to plan for effective deployment of security updates.

Sign up for security notifications

5 safety tips for online dating

February 13th, 2014 No comments

If you’re going to be connecting online this Valentine’s Day (or ever), follow these safety and privacy tips.

  1. Avoid catfishing. This is a type of social engineering designed to entice you into a relationship in order to steal your personal information, your money, or both. Always remember that people on the other end of online conversations might not be who they say they are. Treat all email and social networking messages with caution when they come from someone you don’t know.
  2.  Use online dating websites you trust. Knowing when to trust a website depends in part on who publishes it, what information they want, and what you want from the site. Before you sign up on a site, read the privacy policy. Can’t find it? Find another site. For more information, see How do I know if I can trust a website?
  3.  Be careful with the information you post on online. Before you put anything on a social networking site, personal website, or dating profile, think about what you are posting, who you are sharing it with, and how this will reflect on your online reputation. For more information, watch this video about the dangers of oversharing.
  4.  Be smart about details in photographs. Photographs can reveal a lot of personal information, including identifiable details such as street signs, house numbers, or your car’s license plate. Photographs can also reveal location information. For more information, see Use location services more safely.
  5.  Block and report suspicious people. Use the tools in your email, social networking program, or dating website to block and report unwanted contact. Read this if you think you might already be a victim of a scam.

The best time to change your password is now

January 30th, 2014 No comments

You can reduce your chances of being hacked by regularly changing the passwords on all the accounts where you enter financial or other sensitive information. Set an automatic reminder to update passwords on your email, banking, and credit card websites every three months.

Different sites have different rules for passwords that they’ll accept, but here is some basic guidance on how to create strong passwords:

  • Length. Make your passwords at least eight (8) characters long.
  • Complexity. Include a combination of at least three (3) upper and/or lowercase letters, punctuation, symbols, and numerals. The more variety of characters in your password, the better.
  • Variety. Don’t use the same password for everything. Cybercriminals can steal passwords from websites that have poor security and then use those same passwords to target more secure environments, such as banking websites.

Learn more about how to create strong passwords and protect your passwords.

If you think someone has gone into your account and changed your password, learn how to recover a hacked account.

10 New Year’s resolutions for your digital devices and your online life

December 31st, 2013 No comments

It’s a new year, which means it’s time to resolve to create healthier habits in our daily lives. But we don’t have to stop at just improving our body, mind, and spirit. It’s also a good idea to resolve to keep our PCs, laptops, smartphones, and social networking sites healthy this year.

1. Keep your software up to date. You can help protect against viruses, fraud, and more by keeping your operating system, antivirus software, antispyware software, web browser, and other software updated. Microsoft releases security updates on the second Tuesday of every month. Learn how to get security updates automatically.

2. Create strong passwords, keep them secret, and change them regularly. This is particularly important for those passwords that safeguard your computer, important accounts (like email or Facebook), and sensitive information, like financial and health data. Get more information about creating strong passwords and protecting them.

3. Use antivirus software. If your computer is running Windows 8, you can use the built-in Windows Defender to help you detect and get rid of spyware and other malware. If your computer is running Windows 7, Windows Vista, or Windows XP, Windows Defender removes spyware.

4. Check and adjust your privacy settings. You can participate in the online world and keep your information private. Learn more about how to manage your privacy settings in Windows, Internet Explorer, your Microsoft account, Windows Phone, and more. 

Watch a video about privacy in action (1:19).

5. Teach your children about online safety. Before kids use computers, gaming consoles, or mobile devices, make sure you agree on clear limits, talk about how to keep accounts and passwords secret, and help them stand up to online bullying. If your child got a new device this holiday season, read this checklist for safety tips.

6. Monitor your children’s online behaviors, and continue to talk to them about Internet safety. If your kids are online, it’s important to have regular online safety conversations and to continue to keep track of what they’re doing. For more information, see Age-based guidelines for kids’ Internet use.

7. Upgrade to modern software that provides the latest security technologies and protections. Advanced security technologies in modern operating systems are specifically designed to make it more difficult, more complex, more expensive, and therefore, less appealing to cybercriminals to exploit vulnerabilities. Learn more about how support for Windows XP ends this year.

8. Use SkyDrive to help protect your personal information. Ransomware is a type of malware designed to infiltrate your computer and hold your files (photos, documents, reports, etc.) hostage until you pay the demanded amount of money to a cybercriminal. One of the best ways to protect your files is to back them up using a removable drive or a cloud service like SkyDrive.

9. Explore new tools for PC protection. If you feel comfortable performing more advanced computer tasks, consider downloading the free Enhanced Mitigation Experience Toolkit (EMET), which will make it even more difficult for malicious hackers and cybercriminals to get into your computer.

10. Ignore fake tech support phone calls. Neither Microsoft nor our partners make unsolicited phone calls (also known as cold calls) to charge you for computer security or software fixes. If you receive a suspicious phone call from someone claiming to be from Microsoft, all you have to do is hang up. For more information, see Avoid tech support phone scams.