Cybercriminals have started calling people on the telephone, claiming to be from Microsoft, and offering to help solve their computer problems. Once cybercriminals have gained a victim’s trust, they can do one or more of the following:

Trick people into installing malicious software on their computer.
Take control of a victim’s computer remotely and adjust settings in order to leave the computer vulnerable.
Request credit card information so that cybercriminals can bill for the phony services.
Microsoft will not make unsolicited phone calls to help you with your computer. If you receive a phone call like this, hang up.

If you think you might be a victim of fraud, you can report it. For more information, see What to do if you’ve responded to a phishing scam.

For more information about how to recognize a phishing scam, see Scams that use Microsoft’s name or product names.

Microsoft’s proposed legislation calls for:

• Reforming the Electronic Communications Privacy Act.
• Modernizing the Computer Fraud and Abuse Act.
• Helping consumers and businesses manage how their information is collected and shared.
• Addressing data access issues globally.

To read a transcript or to watch a video clip of Smith’s speech, see Building Confidence in Cloud Computing.
For more information about Microsoft’s approach, see Privacy in the Cloud.

The Downadup or Conficker worm exploits a bug in Microsoft Windows to infect mainly corporate networks, where — although it has yet to cause any harm — it potentially exposes infected PCs to hijack.

While the purpose of the worm is unclear, its unique “phone home” design, linking back to its point of origin, means it can receive further orders to wreak havoc.

It is suspected of originating in Ukraine, and is using the call-back mechanism to monitor an exponential infection rate, despite Microsoft’s issuing of a patch to fix the bug.

“On Tuesday there were 2.5 million, on Wednesday 3.5 million and today [Friday], eight million”.  “It’s getting worse, not better.”

Who is most at risk and what can be done to stop its spread;

How serious is it?

It is the most serious large scale worm outbreak we have seen in recent years because of how widespread it is, but it is not very serious in terms of what it does. So far it doesn’t try to steal personal information or credit card details.

Who is affected?

There are large infections in Europe, the United States and in Asia. It is a Windows worm and almost all the cases are corporate networks. There are very few reports of independent home computers affected.

What does it do?

It is a complicated worm most likely engineered by a group of people who have spent time making it very complicated to analyze and remove. The real reason why they have created it is hard to say right now, but we do know how it replicates.

How does it spread?

The worm does not spread over email or the Web. However if an infected laptop is connected to your corporate network, it will immediately scan the network looking for machines to infect. These will be machines that have not installed a patch from Microsoft known as MS08-067. The worm will also scan company networks trying to guess your password, trying hundreds and hundreds of common words. If it gets in, even if you are not at your machine, it will infect and begin spreading to other servers. A third method of spreading is via USB data sticks.

How can I prevent it infecting my machine?

The best way is to get the patch and install it company-wide. The second way is password security. Use long, difficult passwords — particularly for administrators who cannot afford to be locked out of the machines they will have to fix.

What can I do if it has already infected?

Machines can be disinfected. The problem is for companies with thousands of infected machines, which can become re-infected from just one computer even as they are being cleared.

You might see a phishing scam:

Often phishing scams rely on placing links in e-mail messages, on Web sites, or in instant messages that seem to come from a service that you trust, like your bank, credit card company, or social networking site.

What does a phishing scam look like?

Phishing e-mail messages take a number of forms. They might appear to come from your bank or financial institution, a company you regularly do business with, such as Microsoft, or from your social networking site.

In the United States, recent bank mergers have created new opportunities for scammers. For more information, read FTC Consumer Alert: Bank Failures, Mergers and Takeovers: A “Phish-erman’s Special.”

Spear phishing is a targeted form of phishing in which an e-mail message might look like it comes from your employer, or from a colleague who might send an e-mail message to everyone in the company, such as the head of human resources or IT. For details, see Spear phishing: highly targeted scams.

Phishing mail often includes official-looking logos and other identifying information taken directly from legitimate Web sites, and it may include convincing details about your personal information that scammers found on your social networking pages.

The main thing phishing e-mail messages have in common is that they ask for personal data, or direct you to Web sites or phone numbers to call where they ask you to provide personal data.

The following is an example of what a phishing scam in an e-mail message might look like.

Example of a phishing e-mail message, which includes a deceptive Web address that links to a scam Web site.

To make these phishing e-mail messages look even more legitimate, the scam artists may place a link in them that appears to go to the legitimate Web site (1), but actually takes you to a phony scam site (2) or possibly a pop-up window that looks exactly like the official site.

Here are a few phrases to look for if you think an e-mail message is a phishing scam.

“Verify your account.”

Businesses should not ask you to send passwords, login names, Social Security numbers, or other personal information through e-mail.

If you receive an e-mail message from Microsoft asking you to update your credit card information, do not respond: this is a phishing scam. To learn more, read Fraudulent e-mail that requests credit card information sent to Microsoft customers.

“You have won the lottery.”

The lottery scam is a common phishing scam known as advanced fee fraud. One of the most common forms of advanced fee fraud is a message that claims that you have won a large sum of money, or that a person will pay you a large sum of money for little or no work on your part. The lottery scam often includes references to big companies, such as Microsoft. There is no Microsoft lottery.

“If you don’t respond within 48 hours, your account will be closed.”

These messages convey a sense of urgency so that you’ll respond immediately without thinking. A phishing e-mail message might even claim that your response is required because your account might have been compromised.

What does a phishing Web site or link look like?

Fake, copycat Web sites are also called spoofed Web sites. They are designed to look like the legitimate site, sometimes using graphics or fonts from the legitimate site. They might even have a Web address that’s very similar to the legitimate site you are used to visiting. (For details, see Typos can cost you.

Once you’re at one of these spoofed sites, you might unwittingly send personal information to the con artists. If you enter your login name, password, or other sensitive information, a criminal could use it to steal your identity.

Here’s an example of the kind of phrase you might see in an e-mail message that directs you to a phishing Web site:

“Click the link below to gain access to your account.”

HTML-formatted messages can contain links or forms that you can fill out just as you’d fill out a form on a Web site.

Phishing links that you are urged to click in e-mail messages, on Web sites, or even in instant messages may contain all or part of a real company’s name and are usually masked, meaning that the link you see does not take you to that address but somewhere different, usually an illegitimate Web site.

Notice in the following example that resting (but not clicking) the mouse pointer on the link reveals the real Web address, as shown in the box with the yellow background. The string of cryptic numbers looks nothing like the company’s Web address, which is a suspicious sign.

Example of a masked Web address

Con artists also use Web addresses that resemble the name of a well-known company but are slightly altered by adding, omitting, or transposing letters. For example, the address “www.microsoft.com” could appear instead as:
www.micosoft.com
www.mircosoft.com
www.verify-microsoft.com

How can I protect myself from phishing scams?

Keep your operating system up to date, and install up-to-date antivirus and antispyware software.

Your first level of defense against phishing scams and other malicious humans or software is to secure your computer.

Some phishing e-mail contains malicious or unwanted software that can track your activities or simply slow your computer. Try new antivirus and comprehensive computer health services such as Windows Live OneCare. To help prevent spyware or other unwanted software, use Windows Defender. Windows Defender comes with Windows Vista and is available at no charge for Windows XP SP2.

Internet Explorer 7 and the Microsoft Phishing Filter

Even if you don’t use Windows Vista, you should use Internet Explorer 7, which includes the Microsoft Phishing Filter to help protect you from Web fraud and the risks of personal data theft by warning or blocking you from reported phishing Web sites.

With Internet Explorer 7 you get another layer of protection when you visit sites that use Extended Validation (EV) SSL Certificates. The Internet Explorer address bar turns green to alert you that there is more information available about Web sites. The identity of the Web site owner is also displayed on the address bar.

An EV SSL certificate not only helps ensure that the communication with a Web site is secure, but the certificate also includes information about the owner of the Web site, which has been identified by the Certification Authority (CA) issuing the SSL Certificate. For more information contact us.

How does rogue security software get on my computer?
Rogue security software designers create legitimate looking pop-up windows that advertise security update software. These windows might appear on your screen while you surf the Web.

The “updates” or “alerts” in the pop-up windows call for you to take some sort of action, such as clicking to install the software, accept recommended updates, or remove unwanted viruses or spyware. When you click, the rogue security software downloads to your computer.

Rogue security software might also appear in the list of search results when you are searching for trustworthy antispyware software, so it is important to protect your computer.

What does rogue security software do?
Rogue security software might report a virus, even though your computer is actually clean. The software might also fail to report viruses when your computer is infected. Inversely, sometimes, when you download rogue security software, it will install a virus or other malicious software on your computer so that the software has something to detect.

Some rogue security software might also:

• Lure you into a fraudulent transaction (for example, upgrading to a non-existent paid version of a program).
• Use social engineering to steal your personal information.
• Install malware that can go undetected as it steals your data.
• Launch pop-up windows with false or misleading alerts.
• Slow your computer or corrupt files.
• Disable Windows updates or disable updates to legitimate antivirus software.
• Prevent you from visiting antivirus vendor Web sites.

Rogue security software might also attempt to spoof the Microsoft security update process.

To help protect yourself from rogue security software:
• Install a firewall and keep it turned on.
• Use automatic updating to keep your operating system and software up to date.
• Install antivirus and antispyware software, such as Windows Live OneCare, and keep it updated. For links to other antivirus programs that work with Microsoft, see Microsoft Help and Support List of Antivirus Vendors.
• If your antivirus software does not include antispyware software, you should install a separate antispyware program such as Windows Defender and keep it updated. (Windows Defender is available as a free download for Windows XP and is included in Windows Vista.)
• Use caution when you click links in e-mail or on social networking Web sites.
• Familiarize yourself with common phishing scams.

If you think you might have rogue security software on your computer feel free to contact CLIQS.