Archive

Archive for the ‘phishing filter’ Category

Congratulations! You’ve won $800,000!!

Well, maybe not.

But that’s just one of the many ploys that scammers send in their relentless efforts to part people from their money or sensitive personal information like passwords and account numbers.

Microsoft is asking people to take a survey of their experience with online fraud—what kinds of scams they’ve encountered (including those on mobile devices and Facebook), how concerned they are about online or phone fraud, and what steps they take to protect themselves.

In 2012, Microsoft fielded its first such study, interviewing 1,000 US residents to understand their exposure to, and perception of, online fraud and scams.

Respondents reported having encountered roughly eight different scams on average, with these as the top four:

  • Scams that promise free things or coupons (44 percent)

  • Fake antivirus alerts that imitate real programs offering virus repair but that download malware instead (40 percent)

  • Phishing scams using fake messages that mimic those of trusted businesses to trick people into revealing personal information (39 percent)

  • Fraud that features a request for bank information or money upfront from someone (such as a “foreign prince”) who needs help transferring large sums of money for a cut of the total (39 percent)

In the new survey, we’re interested in how scams and responses to scams might have changed since 2012. Are there different scams? What are the most common? Where are they most often occurring—on mobile devices? On Facebook?

Results of our last survey showed that nearly everyone (97 percent) took steps to safeguard their computers, but more than half (52 percent) did nothing at all to protect their mobile devices. So we’re particularly interested to see if these numbers have changed. 

You can help us fight online scams and fraud by taking our survey.

We will release the results of the survey during National Cyber Security Awareness Month this October. Follow the hashtag #NCSAM to read the story. 

Congratulations! You’ve won $800,000!!

September 2nd, 2014 No comments

Well, maybe not.

But that’s just one of the many ploys that scammers send in their relentless efforts to part people from their money or sensitive personal information like passwords and account numbers.

Microsoft is asking people to take a survey of their experience with online fraud—what kinds of scams they’ve encountered (including those on mobile devices and Facebook), how concerned they are about online or phone fraud, and what steps they take to protect themselves.

In 2012, Microsoft fielded its first such study, interviewing 1,000 US residents to understand their exposure to, and perception of, online fraud and scams.

Respondents reported having encountered roughly eight different scams on average, with these as the top four:

  • Scams that promise free things or coupons (44 percent)
  • Fake antivirus alerts that imitate real programs offering virus repair but that download malware instead (40 percent)
  • Phishing scams using fake messages that mimic those of trusted businesses to trick people into revealing personal information (39 percent)
  • Fraud that features a request for bank information or money upfront from someone (such as a “foreign prince”) who needs help transferring large sums of money for a cut of the total (39 percent)

In the new survey, we’re interested in how scams and responses to scams might have changed since 2012. Are there different scams? What are the most common? Where are they most often occurring—on mobile devices? On Facebook?

Results of our last survey showed that nearly everyone (97 percent) took steps to safeguard their computers, but more than half (52 percent) did nothing at all to protect their mobile devices. So we’re particularly interested to see if these numbers have changed.

You can help us fight online scams and fraud by taking our survey.

We will release the results of the survey during National Cyber Security Awareness Month this October. Follow the hashtag #NCSAM to read the story.

Tax scams: 6 ways to help protect yourself

March 20th, 2014 No comments

We’ve received reports that cybercriminals are at it again, luring unsuspecting taxpayers in the United States into handing over their personal information as they rush to file their taxes before the deadline.

Here are 6 ways to help protect yourself.

1.     Beware of all email, text, or social networking messages that appear to be from the IRS. Cybercriminals often send fraudulent messages meant to trick you into revealing your social security number, account numbers, or other personal information. They’ll even use the IRS logo. Read more about how the IRS does not initiate contact with taxpayers by email or use any social media tools to request personal or financial information.
2.       Use technology to help detect scams. Scams that ask for personal or financial information are called “phishing scams.” Internet Explorer, Microsoft Outlook, and other programs have anti-phishing protection built in. Read more about identity theft protection tools that can help you avoid tax scams.
3.       Check to see if you already have antivirus software. If a cybercriminal does fool you with a tax scam that involves downloading malware onto your computer, you might already be protected by your antivirus software. If your computer is running Windows 8, you have antivirus software built in. Download Microsoft Security Essentials at no cost for Windows 7 and Windows Vista. 
4.       Make sure the website uses secure technology. If you’re filing your taxes on the web, make sure that the web address begins with https, and check to see if a tiny locked padlock appears at the bottom right of the screen. For more information, see How do I know if I can trust a website and What is HTTPs?
5.       Think before you download tax apps. Download apps only from major app stores—the Windows Phone Store or Apple’s App Store, for example—and stick to popular apps with numerous reviews and comments.
6.       Be realistic. If it sounds too good to be true, it probably is. From companies that promise to file your taxes for free, to websites that claim you don’t have to pay income tax because it’s unconstitutional—keep an eye out for deliberately misleading statements.

5 reasons NOT to share personal information on a website

August 22nd, 2013 No comments

Knowing when to trust a website depends in part on who publishes it, what information they want, and what you want from the site.

Here are five reasons to think twice before sharing information with a website.

1.       The site asks for personal information on a page whose URL does not start with HTTPS. If the URL in the address bar starts with HTTPS (instead of HTTP), the page is more secure. Never type passwords or other personal information unless you see the HTTPS.

2.       The site isn’t certified by an Internet trust organization. You can increase your privacy and security by shopping only at sites and using only services that have been certified by organizations such as TRUSTe , BBB Online, or the WebTrust website.

3.       You don’t know why they need the personal information. Watch out for sites that ask for credit card numbers or other financial information to verify your identity.

4.       You can’t find a privacy policy or privacy statement. Websites should outline the terms and circumstances regarding if or how they will share your information. If you can’t find this information, consider taking your business elsewhere.

5.       The site looks suspicious. Be wary of deals that sound too good to be true, offers that you receive in email messages from someone you don’t know, and email messages that you suspect might be spam.

 For more information, see:

Catfishing: Are you falling for it?

June 20th, 2013 No comments

The news is filled with stories about people, famous and otherwise, getting caught in online dating scams. The phenomenon is so common that it now has a name: Catfishing. The term catfishing comes from the 2010 movie Catfish about a man who was lured into a relationship by a scammer who was using a fake social networking profile.

Catfishing is a kind of social engineering. It’s similar to messages that claim that your computer has a virus, that you’ve won a lottery, or that you can earn money for little or no effort on your part. All of these scams are designed to “hook” you with fear, vanity, and too-good-to-be-true offers. The cybercriminal in a catfishing scam might post fake pictures or send encouraging messages to entice you into a relationship, but the goal is the same as in other scams: The scammer wants to steal your personal information, your money, or both.

3 ways to help avoid catfishing

  • Always remember that people on the other end of online conversations might not be who they say they are. Treat all emails and social networking messages with caution when they come from someone you don’t know.
  • Never share your passwords, even with someone you trust. If you think your accounts have been compromised, change your passwords as soon as possible.
  • If you suspect that someone is catfishing you, report them.

For more general tips and advice on how to avoid scams, download our free 12-page booklet, Online Fraud: Your Guide to Prevention, Detection, and Recovery (PDF file, 2.33 MB), and browse our other resources on how to protect yourself online.

There is no Hotmail Maintenance Department

June 13th, 2013 No comments

Cassie writes:

I received an email from the Hotmail Maintenance Department requesting personal information verification. The message included a PDF file. Is this a scam?

Yes. This is one of many types of email cybercrime, also called phishing. Cybercriminals often use the Microsoft name to try to get you to share your personal information so that they can use it for identity theft. Delete the message—do not open it, and do not click any links or open any attachments.

The Hotmail Maintenance Department doesn’t exist—and if it did, the department wouldn’t send unsolicited email messages with attachments that asked for your personal information. Be suspicious of any email messages that appear to come from the Hotmail team; even though your email address still says “Hotmail,” the service is now called Outlook.com.

For more tips on spotting scam email messages, see How to recognize phishing email messages, links, or phone calls.

If you opened the PDF file, your computer might already be infected with malware that can be used to steal your personal information. Scan your computer with the Microsoft Safety Scanner to find out. The scanner will also help you remove any malicious software it finds.

Filing taxes? Beware of scams

February 26th, 2013 No comments

It’s tax season in the United States, which means it’s time for us to remind you about tax scams—especially email messages that appear to come from the Internal Revenue Service (IRS) or another legitimate organization.

These seemingly valid offers are designed to trick you into turning over your personal information or to click on links or attachments that will automatically download malicious software to your computer.

The most common tax scams we’ve seen include:

  • Fraudulent links to get your refund
  • Free tax preparation or tax preparation software
  • Promises to get you out of paying your taxes

To help avoid tax scams

Be careful when you click links or open attachments. If you need to go to the IRS website, use a bookmark or type the URL directly into your web browser. Read more about how the IRS does not initiate contact with taxpayers by email or any social media tools to request personal or financial information.

Use antivirus software. Download Microsoft Security Essentials at no cost for Windows 7, Windows Vista, and Windows XP. Windows Defender is an antivirus feature in Windows 8 that replaces Microsoft Security Essentials. 

Use email software with built-in spam filtering. SmartScreen technology helps reduce unwanted email. It’s built into Microsoft email programs (Outlook.com, Hotmail, Outlook, Exchange, Windows Mail, and Entourage) and is turned on by default.

Read more about security features in Outlook.com and Hotmail.

Get help with phishing scams, lottery fraud, and other types of scams


Filing taxes? Beware of scams

February 26th, 2013 No comments

It’s tax season in the United States, which means it’s time for us to remind you about tax scams—especially email messages that appear to come from the Internal Revenue Service (IRS) or another legitimate organization.

These seemingly valid offers are designed to trick you into turning over your personal information or to click on links or attachments that will automatically download malicious software to your computer.

The most common tax scams we’ve seen include:

  • Fraudulent links to get your refund
  • Free tax preparation or tax preparation software
  • Promises to get you out of paying your taxes

To help avoid tax scams

Be careful when you click links or open attachments. If you need to go to the IRS website, use a bookmark or type the URL directly into your web browser. Read more about how the IRS does not initiate contact with taxpayers by email or any social media tools to request personal or financial information.

Use antivirus software. Download Microsoft Security Essentials at no cost for Windows 7, Windows Vista, and Windows XP. Windows Defender is an antivirus feature in Windows 8 that replaces Microsoft Security Essentials. 

Use email software with built-in spam filtering. SmartScreen technology helps reduce unwanted email. It’s built into Microsoft email programs (Outlook.com, Hotmail, Outlook, Exchange, Windows Mail, and Entourage) and is turned on by default.

Read more about security features in Outlook.com and Hotmail.

Get help with phishing scams, lottery fraud, and other types of scams


Shop online with care this holiday season

November 27th, 2012 No comments

Holiday shopping is in full swing and so are the scams. The following tips can help you stay safe when you shop online.

Use a modern browser. Internet Explorer 9 and Internet Explorer 10 (available with Windows 8) include the SmartScreen filter.  SmartScreen helps protect you from fraudulent shopping websites that seek to acquire personal information such as user names and passwords. Learn more about SmartScreen.

Use strong passwords for online retail sites and keep your passwords secret. Make your passwords eight or more characters. Use a combination of numbers, symbols, and uppercase and lowercase letters (the greater the variety of characters, the stronger the password). Also, make sure you don’t use the same password for all the sites you use. Check the strength of your password.

Be careful when you shop online using a public Wi-Fi connection. If possible, save your financial transactions for a secured home connection. Passwords, credit card numbers, or other financial information are less secure on a public network. If you have to make a purchase, choose the most secure connection—even if that means you have to pay for access. Learn more about Wi-Fi safety.

Get more advice for safer online shopping

The $500 Costco card scam

November 1st, 2012 No comments

Many respondents to a recent Microsoft survey expressed concern about trickier scams that are happening on social networks. The Microsoft Malware Protection Center recently blogged about one of these new scams that claims to offer a free Costco gift card to all Facebook users.

But don’t click the link. If you want to see what would happen if you clicked it and followed the instructions, read A Facebook scam, end to end.

If you see any kind of offer that looks too good to be true, it probably is. Always check the official company or product website to see if it mentions the offer.

For more information on how you can avoid becoming a scam victim, see Email and web scams: how to help protect yourself.

Try Outlook.com

August 2nd, 2012 No comments

Outlook.com is Microsoft’s new free cloud email service for personal use. You can use Outlook.com with the Outlook desktop application, via the web at http://outlook.com, or via other email apps that support Exchange ActiveSync or POP3.

The new Outlook.com offers several security and privacy features, including:

  • Limiting spam in your inbox to less than 3 percent of the items.
  • Turning on the encryption feature (SSL) by default, which helps protect your account on wireless networks and public computers.
  • Displaying trusted senders in your inbox.

For more information, see Introducing Outlook.com.

Want to keep up with the latest Outlook news? Follow @Outlook on Twitter.

Fraud alert: Prize scams

July 17th, 2012 No comments

John writes: 

I received an email that said that I won a prize from Microsoft and I am concerned that others may fall for this scam. Can’t anything be done about these types of scams?

The Microsoft Lottery scam is a fraudulent email that claims that you have won a lottery, a prize, a sweepstakes, or another kind of award. The goal of this phishing scam is to convince you to send money to claim your award or to turn over personal information.

Learn more about scams that use the Microsoft name fraudulently.

There is no Microsoft Lottery. If you receive an email like this, you can delete it or you can report it.

How to report an email scam

You can use Microsoft tools to report a suspected scam.

  • Internet Explorer. While you are on a suspicious site, click the gear icon and then point to Safety. Then click Report Unsafe Website and use the web page that is displayed to report the website.
  • Hotmail. If you receive a suspicious email message that asks for personal information, click the check box next to the message in your Hotmail inbox. Click Mark as and then point to Phishing scam.
  • Microsoft Office Outlook. Attach the suspicious email message to a new email message and forward it toreportphishing@antiphishing.org. To learn how to attach an email message to an email message, see Attach a file or other item to an email message.

You can also download the Microsoft Junk E-mail Reporting Add-in for Microsoft Office Outlook.

Enhanced security in Internet Explorer 10

March 27th, 2012 No comments

If you’re the type that likes to look under the hood of your web browser, you can download the consumer preview for Windows 8, which includes the preview version of Internet Explorer 10.

Internet Explorer 10 includes an enhanced version of Protected Mode. Protected Mode is a feature of Internet Explorer that essentially blocks off parts of your computer to limit access in case you’re attacked by a virus or cybercriminal. Protected Mode has been around since 2006, but we’re always improving it.

Read about Enhanced Protected Mode in Internet Explorer 10.

Be warned that the preview version of Internet Explorer 10 is not for average computer users. If you think you might not be ready to test drive Internet Explorer 10, download Internet Explorer 9.

Review the security features in Internet Explorer 9.

Research firm rates spam filters

February 23rd, 2012 No comments

Spam filters for email programs are a little like the roof on a house. You wouldn’t want to live without one, but some are better than others.

Recent research from Cascade Insights showed that no email program they tested did better than Hotmail at filtering spam.

Get tricks for getting rid of spam, even if you don’t use Hotmail, and learn how to avoid other email and web scams.

You can also get more detailed information about SmartScreen, Microsoft’s spam-fighting technology, and go beyond the metrics in a detailed blog post by Dick Craddock, Hotmail Group Program Manager. 

Beware of bin Laden malware on the web and in email

If you’re searching for news about or pictures of Osama bin Laden, you might find malware instead. This week the FBI warned computer users to be especially careful of emails that claim to show photos or videos of bin Laden’s death.

Cybercriminals are quick to put up fraudulent websites that people will find when they’re searching for popular news topics. These sites often contain fake security software that tries to trick you into downloading malware by making you think that your security is at risk.

Only click links on websites that you trust. If you’re on a news website and you see a pop-up window that advertises security software, do not click it. Computerworld reports that these risks apply to people who use either the Windows or the Mac operating system.

Here are two free ways to help protect yourself:


    ID theft level drops, but cost remains high

    February 25th, 2011 Comments off

    Identity theft levels are at their lowest rate since 2007,
    according to Javelin Strategy & Research. However, the cost to consumers is
    on the rise. To find out more, see Identity
    Theft Falls 34%, Victims Pay More
    .

    Protect yourself from
    fraud

    Clearly we’re all getting better at identifying phishing
    scams and other kinds of email and web scams. You know the
    basics
    , but here are a few tips that you might not have heard about yet.


    • Internet Explorer’s InPrivate
      browsing
      can help protect your personal information when you use a public
      computer. Learn
      more
      .

    • If you receive email claiming that you’ve won
      the Microsoft Lottery, hit the delete button. The message is an example of an
      email scam. Learn
      more
      .

    • Your first line of defense against ID theft is a
      strong password. Check
      the strength of your password
      .

    For more information, see Get
    help with phishing scams, lottery fraud, and other types of scams
    .