Swedish Windows Security User Group

Although Microsoft was founded 38 years ago this month, don’t fall for a widespread scam that offers free “Xbox points” for wishing the company a happy birthday. Online offers that seem too good to be true probably are. Learn more about common scams that use the Microsoft name.

One way to recognize a scam is to check for inaccurate spelling or wording. Points used on Xbox LIVE Marketplace are actually called “Microsoft Points” (not “Xbox points”). You can purchase them on your console dashboard at Xbox.com or at a video game retailer. Learn more about Microsoft Points and Xbox LIVE Rewards.

See our Facebook page message about this scam

If you’re traveling with your laptop, tablet, smartphone, or other device this spring break, the following tips can help you stay safer online with a mobile device.

• Make sure your laptop or tablet has up-to-date antivirus and antispyware software installed. Windows 8 includes antivirus protection that’s turned on by default. If your computer isn’t running Windows 8, download Microsoft Security Essentials for free.
• Choose the most secure Wi-Fi connection. Both Windows 7 and Windows 8 can help you evaluate and minimize network security risks.
• Avoid entering passwords, credit card numbers, or other financial information on a less secure public network.
• Be careful about who you alert on your social networking site that your home will be empty.
• Be mindful of your online image. Remember that spring break photographs and videos that you post on the Internet could be there forever. Learn how to take charge of your online reputation.
• Lock your mobile phone with a unique, four-digit PIN. Keep it secret. Take our poll about mobile manners and safety and get more tips.

Get more tips on using public computers and wireless devices more safely

On April Fools’ Day you might have fun being the recipient or the instigator of a harmless prank or two, but it’s good for you to know about online pranks we’ve seen that are far from harmless.

Phone scams. Cybercriminals don’t just email you or post on your social networking site anymore. They call you, pretending to be Microsoft tech support and offering to help you fix your computer. Microsoft will not make unsolicited calls to offer support. For more information, see Avoid tech support phone scams.

Verify your account scam. If you receive an email message that asks you to verify your username and password for your Microsoft account, your Hotmail account, or other account, it’s a scam designed to steal your personal information. The message often includes the threat of immediate account closure. Microsoft will not close your account if you do not provide personal information in an email. For more information, see Avoid scams that use the Microsoft name fraudulently.

Fake security software scams. If you see a pop-up window saying that your computer is infected or unprotected it could be a scam known as “rogue security software” or “scareware.” Rogue security software might report a virus, even though your computer is actually clean. For examples of rogue security software, see our Real vs. Rogue Facebook app.

Learn about how to help protect yourself from other popular scams

It’s tax season in the United States, which means it’s time for us to remind you about tax scams—especially email messages that appear to come from the Internal Revenue Service (IRS) or another legitimate organization.

These seemingly valid offers are designed to trick you into turning over your personal information or to click on links or attachments that will automatically download malicious software to your computer.

The most common tax scams we’ve seen include:

• Fraudulent links to get your refund
• Free tax preparation or tax preparation software
• Promises to get you out of paying your taxes

To help avoid tax scams

Be careful when you click links or open attachments. If you need to go to the IRS website, use a bookmark or type the URL directly into your web browser. Read more about how the IRS does not initiate contact with taxpayers by email or any social media tools to request personal or financial information.

Use antivirus software. Download Microsoft Security Essentials at no cost for Windows 7, Windows Vista, and Windows XP. Windows Defender is an antivirus feature in Windows 8 that replaces Microsoft Security Essentials. 

Use email software with built-in spam filtering. SmartScreen technology helps reduce unwanted email. It’s built into Microsoft email programs (Outlook.com, Hotmail, Outlook, Exchange, Windows Mail, and Entourage) and is turned on by default.

Read more about security features in Outlook.com and Hotmail.

Get help with phishing scams, lottery fraud, and other types of scams

It’s tax season in the United States, which means it’s time for us to remind you about tax scams—especially email messages that appear to come from the Internal Revenue Service (IRS) or another legitimate organization.

These seemingly valid offers are designed to trick you into turning over your personal information or to click on links or attachments that will automatically download malicious software to your computer.

The most common tax scams we’ve seen include:

• Fraudulent links to get your refund
• Free tax preparation or tax preparation software
• Promises to get you out of paying your taxes

To help avoid tax scams

Be careful when you click links or open attachments. If you need to go to the IRS website, use a bookmark or type the URL directly into your web browser. Read more about how the IRS does not initiate contact with taxpayers by email or any social media tools to request personal or financial information.

Use antivirus software. Download Microsoft Security Essentials at no cost for Windows 7, Windows Vista, and Windows XP. Windows Defender is an antivirus feature in Windows 8 that replaces Microsoft Security Essentials. 

Use email software with built-in spam filtering. SmartScreen technology helps reduce unwanted email. It’s built into Microsoft email programs (Outlook.com, Hotmail, Outlook, Exchange, Windows Mail, and Entourage) and is turned on by default.

Read more about security features in Outlook.com and Hotmail.

Get help with phishing scams, lottery fraud, and other types of scams

You may have seen reports about security alerts for Java recently. Java is a commonly used piece of software from Oracle, so there’s a good chance you have it installed on your computer. Cybercriminals often use fake virus alerts to lure you into buying fraudulent antivirus software. These alerts state that your computer or other device is at risk, but clicking a link in one of them could lead you to downloading malicious software.

In the case of the fake Java updates, cybercriminals are taking advantage of news about security vulnerabilities in Java and recommendations to update Java immediately. We agree that if you use Java on your device you should update it directly from the Oracle website:  

• Get updates for Java from Oracle
• Turn on automatic updates for Java

If you don’t, then it’s a good idea to uninstall older versions of Java and disable Java in your browser like you would for any unused software.

Java is just one piece of software that cybercriminals target. It’s important to keep all the software installed on your system up to date. For Microsoft software, you can use the Microsoft Update service.

If you think you have a virus, visit the Microsoft Security Support Center for assistance.  

You may have seen reports about security alerts for Java recently. Java is a commonly used piece of software from Oracle, so there’s a good chance you have it installed on your computer. Cybercriminals often use fake virus alerts to lure you into buying fraudulent antivirus software. These alerts state that your computer or other device is at risk, but clicking a link in one of them could lead you to downloading malicious software.

In the case of the fake Java updates, cybercriminals are taking advantage of news about security vulnerabilities in Java and recommendations to update Java immediately. We agree that if you use Java on your device you should update it directly from the Oracle website:  

• Get updates for Java from Oracle
• Turn on automatic updates for Java

If you don’t, then it’s a good idea to uninstall older versions of Java and disable Java in your browser like you would for any unused software.

Java is just one piece of software that cybercriminals target. It’s important to keep all the software installed on your system up to date. For Microsoft software, you can use the Microsoft Update service.

If you think you have a virus, visit the Microsoft Security Support Center for assistance.  

From the latest scams and fraud to how, when, and why to update your computer, here are the stories that you viewed and clicked on the most this year.

Download security update for Internet Explorer. In September, Microsoft released a security update for Internet Explorer. To help protect your computer, visit Windows Update to download and install the update and ensure that you have automatic updating turned on.

Update your browser. In February, if you had automatic updating turned on, Windows Update automatically upgraded you to Internet Explorer 9.  Now you can get Internet Explorer 10.

Is my computer up to date? In March, you clicked on this blog entry to learn how to turn on automatic updating and to make sure that your computer had all of the latest updates.

Beware of ransomware. Nearly a year ago, a lot of you stopped by to learn about the resurgence of this scam. It launches a pop-up window warning that illegal material has been found on your computer and then locks you out of your computer unless you pay a fee. It’s still around, and we recently offered new guidance to help you deal with it.

Protect yourself from online tracking. Earlier this year we reported on Tracking Protection, which was a new feature in Internet Explorer 9. Read more about how user privacy protection has evolved and why it is turned on by default in Internet Explorer 10.

Here are five more stories that were popular with you this year:

• Free tool automatically checks and builds up your computer’s defenses
• Beware of tax scams
• Make room for your new PC, laptop, or Xbox
• What does your online image project about you?
• How do I know if I’m running the newest version of Internet Explorer?

From the latest scams and fraud to how, when, and why to update your computer, here are the stories that you viewed and clicked on the most this year.

Download security update for Internet Explorer. In September, Microsoft released a security update for Internet Explorer. To help protect your computer, visit Windows Update to download and install the update and ensure that you have automatic updating turned on.

Update your browser. In February, if you had automatic updating turned on, Windows Update automatically upgraded you to Internet Explorer 9.  Now you can get Internet Explorer 10.

Is my computer up to date? In March, you clicked on this blog entry to learn how to turn on automatic updating and to make sure that your computer had all of the latest updates.

Beware of ransomware. Nearly a year ago, a lot of you stopped by to learn about the resurgence of this scam. It launches a pop-up window warning that illegal material has been found on your computer and then locks you out of your computer unless you pay a fee. It’s still around, and we recently offered new guidance to help you deal with it.

Protect yourself from online tracking. Earlier this year we reported on Tracking Protection, which was a new feature in Internet Explorer 9. Read more about how user privacy protection has evolved and why it is turned on by default in Internet Explorer 10.

Here are five more stories that were popular with you this year:

• Free tool automatically checks and builds up your computer’s defenses
• Beware of tax scams
• Make room for your new PC, laptop, or Xbox
• What does your online image project about you?
• How do I know if I’m running the newest version of Internet Explorer?

Calling all teens!

Here’s your chance to create something fun that can help others. Start by reading the eligibility requirements and prize information in the official rules. Then have a look at the online safety materials from Microsoft for ideas to do one of the following:

• Stage a skit or presentation
• Produce a video
• Write a story or draw a cartoon
• Compose a song
• Conduct a survey

Participate in the Safer Online Teen Challenge

Holiday shopping is in full swing and so are the scams. The following tips can help you stay safe when you shop online.

Use a modern browser. Internet Explorer 9 and Internet Explorer 10 (available with Windows 8) include the SmartScreen filter.  SmartScreen helps protect you from fraudulent shopping websites that seek to acquire personal information such as user names and passwords. Learn more about SmartScreen.

Use strong passwords for online retail sites and keep your passwords secret. Make your passwords eight or more characters. Use a combination of numbers, symbols, and uppercase and lowercase letters (the greater the variety of characters, the stronger the password). Also, make sure you don’t use the same password for all the sites you use. Check the strength of your password.

Be careful when you shop online using a public Wi-Fi connection. If possible, save your financial transactions for a secured home connection. Passwords, credit card numbers, or other financial information are less secure on a public network. If you have to make a purchase, choose the most secure connection—even if that means you have to pay for access. Learn more about Wi-Fi safety.

Get more advice for safer online shopping

Need help spotting an online scam? Download our new free 12-page booklet called Online Fraud: Your Guide to Prevention, Detection, and Recovery.

This guide includes:

• Real-world examples of false promises made in fake emails
• Images of scam emails to help you avoid them
• Tips for guarding your computer and your sensitive information

What if we stopped listening to the fear-based news about cyberbullying, over-sharing, and loss of privacy?

What if we focused on research that doesn’t make for a scary headline on the evening news?

Would it surprise you to learn that a recent study by the Family Online Safety Institute (FOSI) and the Pew Internet Project showed 69 percent of teens reporting that their peers are mostly kind on social networking sites?

A Platform for Good is a new FOSI project aimed at changing the conversation about kids and technology. The site is designed for parents, teens, and teachers to share information and to do good online. A Platform for Good features a blog written by experts in the field, a resource center with videos and curriculum for teachers, and many other interactive features.

For more information, see Announcing “A Platform for Good” – A Place to Connect, Share and Do Good or go directly to A Platform for Good.

Microsoft released Security Advisory 2757760 yesterday about an issue in Internet Explorer.

The Microsoft Security Response Center (MSRC) is actively monitoring the situation and so far the issue has impacted only an extremely limited number of people.

For more information, see Microsoft Releases Security Advisory 2757760.

Full-strength solution available soon

Within the next few days Microsoft will release an easy-to-use tool (called a “Fix it”) that you can download for free. When the Fix it is available, we will post the link to download it here on this blog. You will also find it on the MSRC blog.

For more information, see Additional information about Internet Explorer and Security Advisory 2757760.

Are your kids going back to school with new mobile devices? Would you like tips to help protect them online as they settle into their school routine? Want to learn about trends in social media scams or a new approach to addressing online bullying? Or maybe you have your own specific online safety question. Join Microsoft Safer Online, Theresa Payton, former White House Chief Information Officer and cyber security expert, and America Now  during our live Twitter chat (#ANchat) on Wednesday, September 26. (See below for details.)

Participate for the chance to win one (1) of two (2) sweepstakes prize packages:

• One (1) Microsoft Hardware LifeCam Studio and one (1) 60 Minute Skype Card
• One (1) signed copy of Are You Naked Online? Protecting Your Internet Identity by Ted ClaypooleTheresa Payton, and

a collection of online safety materials to help educate yourself and others in your community

Eligible participants must complete the following steps:

Step 1: Read the Official Rules for complete details (Eligible winners in the U.S. Only).

Step 2: Register to attend the event via Eventbrite.

Step 3: Use your Twitter account and become a follower of @Safer_Online.

Step 4: On September 26, between 11:00 A.M. and 12:00 P.M. Pacific Time / 2:00 P.M. and 3:00 P.M. Eastern Time, use your Twitter account to participate in the live online Twitter chat with the hashtag #ANchat.

Step 5: Answer all four questions posted from either @Safer_Online or @AmericaNowNews and identified as Q1, Q2, Q3, and Q4.

Answers do not have to be correct to be eligible for entry, but your tweet responses must:

• Include the #ANchat hashtag, and
• Be relevant to the discussion topic and of clean language.

Limit one (1) entry per person, per question and Twitter handle.

For questions about the live Twitter chat or to submit an online safety topic, connect with us on Twitter, Facebook, or via email.

Happy tweeting from the team at Safer Online by Microsoft.

Outlook.com is Microsoft’s new free cloud email service for personal use. You can use Outlook.com with the Outlook desktop application, via the web at http://outlook.com, or via other email apps that support Exchange ActiveSync or POP3.

The new Outlook.com offers several security and privacy features, including:

• Limiting spam in your inbox to less than 3 percent of the items.
• Turning on the encryption feature (SSL) by default, which helps protect your account on wireless networks and public computers.
• Displaying trusted senders in your inbox.

For more information, see Introducing Outlook.com.

Want to keep up with the latest Outlook news? Follow @Outlook on Twitter.

Last month McAfee released results from their 2012 Teen Internet Behavior study. The study revealed that 61 percent of teens think that they can successfully hide their online behavior from their parents.

Here are a few examples of what they do:

• Erase browser history
• Minimize browser window when parents come into the room
• Use their cell phone for Internet activity, instead of the family computer

We think that the best way to protect your child on the Internet is for both parents and kids to understand the risks and for families to communicate with each other about their experiences online. That means making sure everyone knows the basics of online safety. Some parents have also found that once you establish your own rules, it helps to create an Internet contract.

For more information:

• Age-based guidelines for kids’ Internet use
• Protecting your kids with Windows Live Family Safety
• Take our online bullying quiz

John writes: 

I received an email that said that I won a prize from Microsoft and I am concerned that others may fall for this scam. Can’t anything be done about these types of scams?

The Microsoft Lottery scam is a fraudulent email that claims that you have won a lottery, a prize, a sweepstakes, or another kind of award. The goal of this phishing scam is to convince you to send money to claim your award or to turn over personal information.

Learn more about scams that use the Microsoft name fraudulently.

There is no Microsoft Lottery. If you receive an email like this, you can delete it or you can report it.

How to report an email scam

You can use Microsoft tools to report a suspected scam.

• Internet Explorer. While you are on a suspicious site, click the gear icon and then point to Safety. Then click Report Unsafe Website and use the web page that is displayed to report the website.
• Hotmail. If you receive a suspicious email message that asks for personal information, click the check box next to the message in your Hotmail inbox. Click Mark as and then point to Phishing scam.
• Microsoft Office Outlook. Attach the suspicious email message to a new email message and forward it toreportphishing@antiphishing.org. To learn how to attach an email message to an email message, see Attach a file or other item to an email message.

You can also download the Microsoft Junk E-mail Reporting Add-in for Microsoft Office Outlook.

Today the Microsoft Security Response Center (MSRC) posted details about the June security updates. On Tuesday, June 12 at approximately 10 AM Pacific Time Microsoft will release 8 bulletins.

The easiest way to get the updates when they’re available is to turn on Windows automatic updating. For more information about how this works, see Understanding Windows automatic updating.

The Microsoft Security Bulletin Advance Notification Service offers details about security updates approximately three business days before they are released. We do this to allow customers (especially IT professionals) to plan for effective deployment of security updates.

Advanced Notification includes information about:

• The number of new security updates being released
• The software affected
• Severity levels of vulnerabilities
• Information about any detection tools relevant to the updates

Betty writes:

I just received a call from a guy who said that my Windows was infected. He wanted me to sit in front of my computer while he fixed it. He became angry when I told him no and I hung up.

Thanks for writing, Betty. This type of call is a popular scam and you did exactly the right thing. Cybercriminals often use publicly available phone directories to call you and offer tech support. Once they’ve gained your trust, they might ask for your user name and password or ask you to go to a website to install software that will let them access your computer to fix it. If you do this, your computer and your personal information is vulnerable.

Do not trust unsolicited calls. Do not provide any personal information.

• Never provide your credit card or financial information to someone claiming to be from Microsoft tech support.
• Do not purchase any software or services.
• Never give control of your computer to a third party unless you can confirm that it is a legitimate representative of a computer support team with whom you are already a customer.

Get more information on how to avoid tech support phone scams.

If you think you’ve been a victim of a tech support scam

If you think that you might have downloaded malware from a phone tech support scam website or allowed a cybercriminal to access your computer, take these steps:

• Change your computer’s password. Change your Hotmail or other email password if you’ve given it to the caller.
• Scan your computer with the Microsoft Safety Scanner to find out if you have malware installed on your computer. (This program automatically expires 10 days after you download it so it won’t clog your hard drive.)
• Install Microsoft Security Essentials. (Microsoft Security Essentials is a free program. If someone calls you to install this product and then charges you for it, this phone call is also a scam.)