When you read email or surf the Internet, you should be wary of scams that try to steal your personal information (identity theft), your money or both. Many of these scams are known as "phishing scams" because they "fish" for your information.
- How to recognize scams
- How to report scams
- What to do if you think you have been a victim of a scam
- Tools to help you avoid scams
How to recognize scams
New scams seem to appear every day. You can learn to recognize a scam by familiarizing yourself with some of the telltale signs.
Scams can contain the following:
- Alarmist messages and threats of account closures.
- Promises of money for little or no effort.
- Deals that sound too good to be true.
- Requests to donate to a charitable organization after a disaster that has been in the news.
- Bad grammar and misspellings.
Here are some popular scams that you should be aware of:
Scams that use the Microsoft name or names of other well-known companies. These scams include fake email messages or websites that use the Microsoft name. The email message might claim that you have won a Microsoft contest, that Microsoft needs your logon information or password, or that a Microsoft representative is contacting you to help you with your computer. (These fake tech-support scams are often delivered by phone.)
Lottery scams. You might receive messages that claim that you have won the Microsoft lottery or sweepstakes. These messages might even look like they come from a Microsoft executive. There is no Microsoft Lottery. Delete the message.
Rogue security software scams. Rogue security software, also known as "scareware," is software that appears to be beneficial from a security perspective but provides limited or no security, generates erroneous or misleading alerts, or attempts to lure you into participating in fraudulent transactions. These scams can appear in email, online advertisements, your social networking site, search engine results, or even in pop-up windows on your computer that might appear to be part of your operating system, but are not.
How to report a scam
You can use Microsoft tools to report a suspected scam.
- Internet Explorer. While you are on a suspicious site, click the gear icon and then point to Safety. Then click Report Unsafe Website and use the web page that is displayed to report the website.
- Hotmail. If you receive a suspicious email message that asks for personal information, click the check box next to the message in your Hotmail inbox. Click Mark as and then point to Phishing scam.
- Microsoft Office Outlook. Attach the suspicious email message to a new email message and forward it to email@example.com.
What to do if you think you have been a victim of a scam
If you suspect that you've responded to a phishing scam with personal or financial information, take these steps to minimize any damage.
- Change the passwords or PINs on all your online accounts that you think might be compromised.
- Place a fraud alert on your credit reports. Check with your bank or financial adviser if you're not sure how to do this.
- Contact the bank or the online merchant directly. Do not follow the link in the fraudulent email message.
- If you know of any accounts that were accessed or opened fraudulently, close those accounts.
- Routinely review your bank and credit card statements monthly for unexplained charges or inquiries that you didn't initiate.
Tools to help you avoid scams
Microsoft offers several tools to help you avoid phishing scams when you browse the Web or read your email.
- Windows Internet Explorer. In Internet Explorer 8, the domain name in the address bar is emphasized with black type and the remainder of the address appears gray to make it easy to identify a website's true identity. The SmartScreen Filter in Internet Explorer also gives you warnings about potentially unsafe websites as you browse.
- Windows Live Hotmail. Microsoft's free webmail program also uses SmartScreen technology to screen email. SmartScreen helps identify and separate phishing threats and other junk email from legitimate email.
- Microsoft Office Outlook. The Junk E-mail Filter in Outlook 2010, Outlook 2007 and other Microsoft email programs evaluates each incoming message to see if it includes suspicious characteristics common to phishing scams.