Archive

Archive for the ‘scams’ Category

Congratulations! You’ve won $800,000!!

Well, maybe not.

But that’s just one of the many ploys that scammers send in their relentless efforts to part people from their money or sensitive personal information like passwords and account numbers.

Microsoft is asking people to take a survey of their experience with online fraud—what kinds of scams they’ve encountered (including those on mobile devices and Facebook), how concerned they are about online or phone fraud, and what steps they take to protect themselves.

In 2012, Microsoft fielded its first such study, interviewing 1,000 US residents to understand their exposure to, and perception of, online fraud and scams.

Respondents reported having encountered roughly eight different scams on average, with these as the top four:

  • Scams that promise free things or coupons (44 percent)

  • Fake antivirus alerts that imitate real programs offering virus repair but that download malware instead (40 percent)

  • Phishing scams using fake messages that mimic those of trusted businesses to trick people into revealing personal information (39 percent)

  • Fraud that features a request for bank information or money upfront from someone (such as a “foreign prince”) who needs help transferring large sums of money for a cut of the total (39 percent)

In the new survey, we’re interested in how scams and responses to scams might have changed since 2012. Are there different scams? What are the most common? Where are they most often occurring—on mobile devices? On Facebook?

Results of our last survey showed that nearly everyone (97 percent) took steps to safeguard their computers, but more than half (52 percent) did nothing at all to protect their mobile devices. So we’re particularly interested to see if these numbers have changed. 

You can help us fight online scams and fraud by taking our survey.

We will release the results of the survey during National Cyber Security Awareness Month this October. Follow the hashtag #NCSAM to read the story. 

Congratulations! You’ve won $800,000!!

September 2nd, 2014 No comments

Well, maybe not.

But that’s just one of the many ploys that scammers send in their relentless efforts to part people from their money or sensitive personal information like passwords and account numbers.

Microsoft is asking people to take a survey of their experience with online fraud—what kinds of scams they’ve encountered (including those on mobile devices and Facebook), how concerned they are about online or phone fraud, and what steps they take to protect themselves.

In 2012, Microsoft fielded its first such study, interviewing 1,000 US residents to understand their exposure to, and perception of, online fraud and scams.

Respondents reported having encountered roughly eight different scams on average, with these as the top four:

  • Scams that promise free things or coupons (44 percent)
  • Fake antivirus alerts that imitate real programs offering virus repair but that download malware instead (40 percent)
  • Phishing scams using fake messages that mimic those of trusted businesses to trick people into revealing personal information (39 percent)
  • Fraud that features a request for bank information or money upfront from someone (such as a “foreign prince”) who needs help transferring large sums of money for a cut of the total (39 percent)

In the new survey, we’re interested in how scams and responses to scams might have changed since 2012. Are there different scams? What are the most common? Where are they most often occurring—on mobile devices? On Facebook?

Results of our last survey showed that nearly everyone (97 percent) took steps to safeguard their computers, but more than half (52 percent) did nothing at all to protect their mobile devices. So we’re particularly interested to see if these numbers have changed.

You can help us fight online scams and fraud by taking our survey.

We will release the results of the survey during National Cyber Security Awareness Month this October. Follow the hashtag #NCSAM to read the story.

Tax scams: 6 ways to help protect yourself

March 20th, 2014 No comments

We’ve received reports that cybercriminals are at it again, luring unsuspecting taxpayers in the United States into handing over their personal information as they rush to file their taxes before the deadline.

Here are 6 ways to help protect yourself.

1.     Beware of all email, text, or social networking messages that appear to be from the IRS. Cybercriminals often send fraudulent messages meant to trick you into revealing your social security number, account numbers, or other personal information. They’ll even use the IRS logo. Read more about how the IRS does not initiate contact with taxpayers by email or use any social media tools to request personal or financial information.
2.       Use technology to help detect scams. Scams that ask for personal or financial information are called “phishing scams.” Internet Explorer, Microsoft Outlook, and other programs have anti-phishing protection built in. Read more about identity theft protection tools that can help you avoid tax scams.
3.       Check to see if you already have antivirus software. If a cybercriminal does fool you with a tax scam that involves downloading malware onto your computer, you might already be protected by your antivirus software. If your computer is running Windows 8, you have antivirus software built in. Download Microsoft Security Essentials at no cost for Windows 7 and Windows Vista. 
4.       Make sure the website uses secure technology. If you’re filing your taxes on the web, make sure that the web address begins with https, and check to see if a tiny locked padlock appears at the bottom right of the screen. For more information, see How do I know if I can trust a website and What is HTTPs?
5.       Think before you download tax apps. Download apps only from major app stores—the Windows Phone Store or Apple’s App Store, for example—and stick to popular apps with numerous reviews and comments.
6.       Be realistic. If it sounds too good to be true, it probably is. From companies that promise to file your taxes for free, to websites that claim you don’t have to pay income tax because it’s unconstitutional—keep an eye out for deliberately misleading statements.

10 New Year’s resolutions for your digital devices and your online life

December 31st, 2013 No comments

It’s a new year, which means it’s time to resolve to create healthier habits in our daily lives. But we don’t have to stop at just improving our body, mind, and spirit. It’s also a good idea to resolve to keep our PCs, laptops, smartphones, and social networking sites healthy this year.

1. Keep your software up to date. You can help protect against viruses, fraud, and more by keeping your operating system, antivirus software, antispyware software, web browser, and other software updated. Microsoft releases security updates on the second Tuesday of every month. Learn how to get security updates automatically.

2. Create strong passwords, keep them secret, and change them regularly. This is particularly important for those passwords that safeguard your computer, important accounts (like email or Facebook), and sensitive information, like financial and health data. Get more information about creating strong passwords and protecting them.

3. Use antivirus software. If your computer is running Windows 8, you can use the built-in Windows Defender to help you detect and get rid of spyware and other malware. If your computer is running Windows 7, Windows Vista, or Windows XP, Windows Defender removes spyware.

4. Check and adjust your privacy settings. You can participate in the online world and keep your information private. Learn more about how to manage your privacy settings in Windows, Internet Explorer, your Microsoft account, Windows Phone, and more. 

Watch a video about privacy in action (1:19).

5. Teach your children about online safety. Before kids use computers, gaming consoles, or mobile devices, make sure you agree on clear limits, talk about how to keep accounts and passwords secret, and help them stand up to online bullying. If your child got a new device this holiday season, read this checklist for safety tips.

6. Monitor your children’s online behaviors, and continue to talk to them about Internet safety. If your kids are online, it’s important to have regular online safety conversations and to continue to keep track of what they’re doing. For more information, see Age-based guidelines for kids’ Internet use.

7. Upgrade to modern software that provides the latest security technologies and protections. Advanced security technologies in modern operating systems are specifically designed to make it more difficult, more complex, more expensive, and therefore, less appealing to cybercriminals to exploit vulnerabilities. Learn more about how support for Windows XP ends this year.

8. Use SkyDrive to help protect your personal information. Ransomware is a type of malware designed to infiltrate your computer and hold your files (photos, documents, reports, etc.) hostage until you pay the demanded amount of money to a cybercriminal. One of the best ways to protect your files is to back them up using a removable drive or a cloud service like SkyDrive.

9. Explore new tools for PC protection. If you feel comfortable performing more advanced computer tasks, consider downloading the free Enhanced Mitigation Experience Toolkit (EMET), which will make it even more difficult for malicious hackers and cybercriminals to get into your computer.

10. Ignore fake tech support phone calls. Neither Microsoft nor our partners make unsolicited phone calls (also known as cold calls) to charge you for computer security or software fixes. If you receive a suspicious phone call from someone claiming to be from Microsoft, all you have to do is hang up. For more information, see Avoid tech support phone scams.

 

Shop for gifts online more safely

December 13th, 2013 No comments

If you want to stay home and avoid the crowds this holiday season, you can do all your shopping online. But before you log on, make sure you know how to identify websites that won’t compromise your privacy.

Before you enter your credit card number, check for signs that a site is safe:

  • Verify that the web address starts with https.
  • Check for a lock icon  in the web address window.
  • Look for a seal of approval from an outside Internet trust organization.

Read more about how to know whether you can trust a website.

If you trust a website, there are still things that you can do to protect your privacy:

Read more about how to make safer transactions online.

Avoid Affordable Care Act scams

November 28th, 2013 No comments

It’s no secret that the website designed to help Americans sign up for health insurance under the new Affordable Care Act has had technical issues. We’ve heard reports that scammers are taking advantage of the technical glitches to send out fake email messages or posts on social networking websites.

These scams, known as “phishing,” are designed to trick you into installing malicious software or to direct you to fraudulent websites, where you are asked to enter credit card and other personal or financial information.

To avoid getting tricked by these and other kinds of scams, or to minimize the damage they cause:

Categories: fraud, scams Tags:

Watch out for Typhoon Haiyan online donation scams

November 21st, 2013 No comments

The Internet is a great way to donate to typhoon survivors in the Philippines, but there are a few things you should know before you give.

Watch out for online scams. Criminals have set up fake donation sites to scam generous donors who want to help. This fraud is known as phishing. Pronounced “fishing,” this is a type of online identity theft that uses email, social networking, and fraudulent websites designed to steal your personal data, such as credit card numbers, passwords, account data, or other information.  

Use a reputable website. Donate to a known organization, such as the Red Cross. If you’re unsure whether a site is safe, see How do I know if I can trust a website?

Be careful with your personal information. To help avoid online scams, never provide your social security number, banking information, or credit card number over the phone, in an email or text message, or through your social networking site.

Do not click links in donation email messages or social networking posts. Type the web address directly into your browser instead.

Don’t send cash. If a donation website asks for cash or a wire transfer, this could be an online scam. It’s safer to pay with a credit card or a check.

For more information, read our article about donation scams, or go to the consumer information page about donations on the Federal Trade Commission (FTC) website.

Categories: phishing, scams Tags:

5 reasons NOT to share personal information on a website

August 22nd, 2013 No comments

Knowing when to trust a website depends in part on who publishes it, what information they want, and what you want from the site.

Here are five reasons to think twice before sharing information with a website.

1.       The site asks for personal information on a page whose URL does not start with HTTPS. If the URL in the address bar starts with HTTPS (instead of HTTP), the page is more secure. Never type passwords or other personal information unless you see the HTTPS.

2.       The site isn’t certified by an Internet trust organization. You can increase your privacy and security by shopping only at sites and using only services that have been certified by organizations such as TRUSTe , BBB Online, or the WebTrust website.

3.       You don’t know why they need the personal information. Watch out for sites that ask for credit card numbers or other financial information to verify your identity.

4.       You can’t find a privacy policy or privacy statement. Websites should outline the terms and circumstances regarding if or how they will share your information. If you can’t find this information, consider taking your business elsewhere.

5.       The site looks suspicious. Be wary of deals that sound too good to be true, offers that you receive in email messages from someone you don’t know, and email messages that you suspect might be spam.

 For more information, see:

Microsoft won’t ask for your credit card to unblock your email account

August 1st, 2013 No comments

Tom asks:

I’m getting messages from Microsoft about my email account. The messages say that my account is blocked and I can only unblock it with a credit card number. Is this legit?

No, these messages sound like a phishing scam, a type of identity theft designed to steal your personal information, such as credit card numbers, passwords, account data, or other information. Never provide personal information in response to requests like this. In fact, it’s best not to respond at all. Instead, delete the email message and report it.

If you can’t access your email account, get information on how to recover your hacked account.

Learn how to help protect yourself from email and web scams

If you’ve been a victim of identity theft in the United States, report it right away to the U.S. Federal Trade Commission

Why does my AV software keep turning off?

July 25th, 2013 No comments

Bob writes:

My antivirus software keeps turning off and I can’t get it back on.

Here are the most common reasons you might encounter this problem:

Your computer is already infected with rogue security software

The warning that you’re antivirus software is turned off might be a fake alert, also known as “rogue security software.” This type of warning is designed to fool you into downloading malicious software or paying for antivirus software. Take our Real vs. Rogue quiz to see if you can identify the difference.”

You have more than one antivirus program

Your antivirus software could turn off if you try to install another antivirus program. Running more than one antivirus program at the same time can cause conflicts and errors that make your antivirus protection less effective or not effective at all.

You might have a virus

Some viruses can disable your antivirus software or disable updates to your antivirus software. Viruses can also prevent you from going online to update or reinstall your antivirus software.

For troubleshooting help, see What to do if your antivirus software stops working.

7 ways to avoid TMI

July 23rd, 2013 No comments

Technology can make everything in our lives easier—including sharing too much information (TMI). Just because you can take a picture of your new credit card and post it on Instagram doesn’t mean that you should. In fact, you shouldn’t.

Sharing too much information can lead to identity theft. It can also damage your online reputation, which could prevent you from getting into college, getting a job, or even getting health insurance.

Here are ways to avoid sharing TMI:

  1. Never share your address, phone number, Social Security number, or other personal information through online interactions. 
  2. Use and manage your privacy settings. Limit who can see details of your online profiles.
  3. Never shop, bank, or enter passwords or credit card numbers over public Wi-Fi.
  4. Ask questions. Sometimes we do need to share personal information, but before doing so, ask why the information is necessary and beware of imposters.
  5. Use sites that you can trust. Learn what to look for.
  6. Stop and think before you post an image, blog, tweet, or comment. What does it say about you and how you want to be viewed online?
  7. Take charge of your online reputation: Discover, evaluate, protect, cultivate, and restore as needed.

For more tips on avoiding TMI, check out the hashtag #IsThisTMI on our Twitter channel.

 

Have authorities detected illegal activities on my computer?

July 16th, 2013 No comments

John writes:

I got an email saying that illegal materials were found on my computer and it would be locked until I paid a fine. Is this a scam?

Yes, this sounds like a common blackmail scam called ransomware. Ransomware is an email, website or pop-up window that displays warnings about possible illegal activities and demands payment before you can access your files and programs again. Delete the email and report it immediately.

Do you think you might have already fallen for a ransomware scam? Find out what to do.

Catfishing: Are you falling for it?

June 20th, 2013 No comments

The news is filled with stories about people, famous and otherwise, getting caught in online dating scams. The phenomenon is so common that it now has a name: Catfishing. The term catfishing comes from the 2010 movie Catfish about a man who was lured into a relationship by a scammer who was using a fake social networking profile.

Catfishing is a kind of social engineering. It’s similar to messages that claim that your computer has a virus, that you’ve won a lottery, or that you can earn money for little or no effort on your part. All of these scams are designed to “hook” you with fear, vanity, and too-good-to-be-true offers. The cybercriminal in a catfishing scam might post fake pictures or send encouraging messages to entice you into a relationship, but the goal is the same as in other scams: The scammer wants to steal your personal information, your money, or both.

3 ways to help avoid catfishing

  • Always remember that people on the other end of online conversations might not be who they say they are. Treat all emails and social networking messages with caution when they come from someone you don’t know.
  • Never share your passwords, even with someone you trust. If you think your accounts have been compromised, change your passwords as soon as possible.
  • If you suspect that someone is catfishing you, report them.

For more general tips and advice on how to avoid scams, download our free 12-page booklet, Online Fraud: Your Guide to Prevention, Detection, and Recovery (PDF file, 2.33 MB), and browse our other resources on how to protect yourself online.

There is no Hotmail Maintenance Department

June 13th, 2013 No comments

Cassie writes:

I received an email from the Hotmail Maintenance Department requesting personal information verification. The message included a PDF file. Is this a scam?

Yes. This is one of many types of email cybercrime, also called phishing. Cybercriminals often use the Microsoft name to try to get you to share your personal information so that they can use it for identity theft. Delete the message—do not open it, and do not click any links or open any attachments.

The Hotmail Maintenance Department doesn’t exist—and if it did, the department wouldn’t send unsolicited email messages with attachments that asked for your personal information. Be suspicious of any email messages that appear to come from the Hotmail team; even though your email address still says “Hotmail,” the service is now called Outlook.com.

For more tips on spotting scam email messages, see How to recognize phishing email messages, links, or phone calls.

If you opened the PDF file, your computer might already be infected with malware that can be used to steal your personal information. Scan your computer with the Microsoft Safety Scanner to find out. The scanner will also help you remove any malicious software it finds.

Top 5 online safety tips for summer

June 4th, 2013 No comments

To help stay safe on your travels this summer, we recommend these Internet safety and privacy tips.

  1. Make sure your laptop or tablet has up-to-date antivirus and antispyware software installed. Windows 8 includes antivirus protection that’s turned on by default. If your computer isn’t running Windows 8, you can download Microsoft Security Essentials for free.
  2. Don’t broadcast vacation plans on your social networking site. If you’re leaving your house unoccupied and at risk for potential burglary, take a few minutes to adjust settings for sharing your location on your social networking site and any apps on your smart phone. If you have kids who go online, make sure they know this, too. For more information, see Use location services more safely.
  3. Lock your mobile phone. Use a four-digit PIN, or a password option, if you have it. Keep it secret. Use our password checker to test your password strength. Also, if you don’t need to store sensitive information on your phone, don’t. Learn more ways to secure your smartphone or learn about the Windows Phone privacy settings.
  4. Avoid typing sensitive information on your laptop using an unsecured wireless connection. If possible, save your financial transactions for a secured home connection. Passwords, credit card numbers, or other financial information are less secure on a public network. If you must enter credit card numbers while using a public network, make sure you see a locked padlock icon in the corner of the browser window and make sure the web address begins with HTTPS (the “S” stands for secure). Get more safety tips for using Wi-Fi.
  5. Your friend probably didn’t just get robbed in a foreign country. If you get an email from a friend who needs you to send him money while he’s on his vacation, be suspicious. A scammer can take over (or hijack) an email account and send an email to you that looks like it’s from someone on your contact list. Find a different way to try to contact your friend to find out if this email really came from him. With Outlook.com (formerly Hotmail), you can now report a friend who you think has been scammed, even if that friend doesn’t use Outlook.com. For more information, see Security features in Outlook.com.

Fraud alert: Free “Xbox points”

April 25th, 2013 No comments

Although Microsoft was founded 38 years ago this month, don’t fall for a widespread scam that offers free “Xbox points” for wishing the company a happy birthday. Online offers that seem too good to be true probably are. Learn more about common scams that use the Microsoft name.

One way to recognize a scam is to check for inaccurate spelling or wording. Points used on Xbox LIVE Marketplace are actually called “Microsoft Points” (not “Xbox points”). You can purchase them on your console dashboard at Xbox.com or at a video game retailer. Learn more about Microsoft Points and Xbox LIVE Rewards.

See our Facebook page message about this scam

Online scams are no April Fool’s Joke

April 1st, 2013 No comments

On April Fools’ Day you might have fun being the recipient or the instigator of a harmless prank or two, but it’s good for you to know about online pranks we’ve seen that are far from harmless.

Phone scams. Cybercriminals don’t just email you or post on your social networking site anymore. They call you, pretending to be Microsoft tech support and offering to help you fix your computer. Microsoft will not make unsolicited calls to offer support. For more information, see Avoid tech support phone scams.

Verify your account scam. If you receive an email message that asks you to verify your username and password for your Microsoft account, your Hotmail account, or other account, it’s a scam designed to steal your personal information. The message often includes the threat of immediate account closure. Microsoft will not close your account if you do not provide personal information in an email. For more information, see Avoid scams that use the Microsoft name fraudulently.

Fake security software scams. If you see a pop-up window saying that your computer is infected or unprotected it could be a scam known as “rogue security software” or “scareware.” Rogue security software might report a virus, even though your computer is actually clean. For examples of rogue security software, see our Real vs. Rogue Facebook app.

Learn about how to help protect yourself from other popular scams

Filing taxes? Beware of scams

February 26th, 2013 No comments

It’s tax season in the United States, which means it’s time for us to remind you about tax scams—especially email messages that appear to come from the Internal Revenue Service (IRS) or another legitimate organization.

These seemingly valid offers are designed to trick you into turning over your personal information or to click on links or attachments that will automatically download malicious software to your computer.

The most common tax scams we’ve seen include:

  • Fraudulent links to get your refund
  • Free tax preparation or tax preparation software
  • Promises to get you out of paying your taxes

To help avoid tax scams

Be careful when you click links or open attachments. If you need to go to the IRS website, use a bookmark or type the URL directly into your web browser. Read more about how the IRS does not initiate contact with taxpayers by email or any social media tools to request personal or financial information.

Use antivirus software. Download Microsoft Security Essentials at no cost for Windows 7, Windows Vista, and Windows XP. Windows Defender is an antivirus feature in Windows 8 that replaces Microsoft Security Essentials. 

Use email software with built-in spam filtering. SmartScreen technology helps reduce unwanted email. It’s built into Microsoft email programs (Outlook.com, Hotmail, Outlook, Exchange, Windows Mail, and Entourage) and is turned on by default.

Read more about security features in Outlook.com and Hotmail.

Get help with phishing scams, lottery fraud, and other types of scams


Filing taxes? Beware of scams

February 26th, 2013 No comments

It’s tax season in the United States, which means it’s time for us to remind you about tax scams—especially email messages that appear to come from the Internal Revenue Service (IRS) or another legitimate organization.

These seemingly valid offers are designed to trick you into turning over your personal information or to click on links or attachments that will automatically download malicious software to your computer.

The most common tax scams we’ve seen include:

  • Fraudulent links to get your refund
  • Free tax preparation or tax preparation software
  • Promises to get you out of paying your taxes

To help avoid tax scams

Be careful when you click links or open attachments. If you need to go to the IRS website, use a bookmark or type the URL directly into your web browser. Read more about how the IRS does not initiate contact with taxpayers by email or any social media tools to request personal or financial information.

Use antivirus software. Download Microsoft Security Essentials at no cost for Windows 7, Windows Vista, and Windows XP. Windows Defender is an antivirus feature in Windows 8 that replaces Microsoft Security Essentials. 

Use email software with built-in spam filtering. SmartScreen technology helps reduce unwanted email. It’s built into Microsoft email programs (Outlook.com, Hotmail, Outlook, Exchange, Windows Mail, and Entourage) and is turned on by default.

Read more about security features in Outlook.com and Hotmail.

Get help with phishing scams, lottery fraud, and other types of scams


Help! My email’s been hacked

February 22nd, 2013 No comments

If you use Outlook.com or Hotmail and think your account has been hacked, you should act right away to help protect your Microsoft account.

If you can still access your Microsoft account, sign in and immediately change your password. For Outlook.com, go to the Password and Security section; for Hotmail, go to the Account overview page in the Account security section.

If you can’t sign in, reset your password.

For more information, see How to recover your hacked Microsoft account.