Security Tips & Talk

Tips about computer security, online safety, and privacy

New research shows rise in “deceptive downloads”

New research shows rise in “deceptive downloads”

Rate This
  • Comments 44

According to the latest cybersecurity report from Microsoft, “deceptive downloads” were the top threat for 95 percent of the 110 countries surveyed.

What are deceptive downloads?

Deceptive downloads are legitimate downloadable programs (usually free) such as software, games, or music that cybercriminals bundle with malicious items.

For example, you might receive a file in email or through social networking, but when you try to open it you see a message that says you don’t have the right software to open it. You do a search online and come across a free software download that claims it can help you open the file. You download that software, but you unknowingly might also be downloading malicious software (also known as “malware”) with it. This malware might have the ability to access personal information on your computer or use your computer for cybercrime.

It could be months or even years before you notice your system has malware.

How can I avoid deceptive downloads?

What should I do if I think I’ve been a victim of a deceptive download?

Do a scan with your antivirus software. If your computer is running Windows 8 or Windows 8.1, you can use the built-in Windows Defender to check for and to help you get rid of a virus or other malware.

If your computer is running Windows 7 or Windows Vista, do the following:

What is the Security Intelligence Report?

The Microsoft Security Intelligence Report (SIR) covers research on computer security, including software vulnerabilities, exploits, and malicious and potentially unwanted software. Volume 16 of the report was released today. If you want to learn more about deceptive downloads and other key findings, please visit Microsoft.com/SIR.

Comments
  • Dear Sir! A Nightmare of" Angst "since yesterday afternoon.Tried to activate my Window 7 yesterday,after my Computer failed to start. Eventually after it was fixed my Computer started to play up. Stop start,stop startFinally i got through to Microsoft the 1800 number.Finally i actually got a Person to talk to and give me the activation Code.I thanked him and with in 5 Minutes the Microsoft " FAKE " Company rang on my Landline and told me that my Computer had a Virus they discovered and needed to get in to my Computer. I innocently gave permission to let them in my Computer. There the Mouse Arrow went Mental. Here,there,up and down and the Microsoft Guy told me to hang on awhile till the Technition fixed the Problem. Now Microsoft wanted my Credit Card Number for fixing it$16.70 I said OK i will post it .No,No he insisted of my Credit Card Numbers .me the Idiot actually gave him my Card Number.I got a funny feeling about this,though i just said ,dont worry about fixing the Rest of supposed viruses and hung up .I immediately turned my Computer of.I pulled my Modem Line out of the Computer and turned of my Modem.I told my Wife about this,that within 5 Minutes of hanging up on Microsoft "Real" the fake Microsoft rings me up and starts telling me about my activation code ECT.I presume 99% that the Guy in the Real Microft sells the information to those Croocks. To day i found out that they cashed in Goods for $268.00 and more goods have not leard yet with my Credit Card jet.Well the Credit card has been stopped but still wondering how these Guysgot my Details within 5Minutes   !!!!!!!!~

  • MIcrosoft will not just call and say " you have a virus" or instruct you to give them access to your computer. NEVER give your Credit card information or give out personal information to any one who contacts you via a phone call or via email.

    Also it's waste of time to try and debate with the person who called you. Just hang up.

    SlimLine ~ There many ways that the person could have got your information. I would find it hard to believe That a person that is gainfully employed with a company as great as Microsoft would risk loosing a great job and a career plus Microsoft certifications just to sell information to a low life scammer. Microsoft pays awesome wages. over the top wages mind you.....Plus countless other benefits

    I think you should look into what programs you have on your computer. You most defintley have a key-logger installed and it alerted  the scammer that you went to Microsoft.com. Thats how to are able to run the scam. by calling right after you have made contact your self. this leads you to believe that it is a legitimate call...

    Get a good firewall set first, so the bad virurs can not " talk" to its master, There are some awesome free firewalls, go to download.com and look for comodo firewall, Its great and it has an option to shut down all programs connections, or ask you every time a program wants to access the interent. You can also use the built in windows firewall, but chances are it has been compromised already.

  • I have received multiple calls from someone who mumbles something tech support, I assumed it was rogers,but figured it out rather quickly that it was not, it was a private company, they asked me to turn on my computer, it was on, but they claimed there was a problem that windows update could not fix, but to fix it all I needed to do was download some software which would have given them administrator rights and total control of my computer, they didn't know my ip address but would tell me in a few minutes, yeah once they had control, I told them I didn't have the time to explain it but I was not going to download this type of software from a private firm said goodbye and hung up they immediately called back several times until I told them to stop, I have received several more calls from the exact same person, and last time he said F.Off and hung up on me, I contacted Rogers thinking they might want to warn their users of this scam but they didn't seem to care, I mentioned it to my brother once and he said they had called him as well but he was not even running windows, he had a Mac, the later calls had them imply they were with Microsoft but never actually say it. Just thought I would let you know. I have never had a problem with a virus or spyware but I am cautious and I often use a free program called EULAlyzer from a company called Brightfort (formerly javacool software) that allows you to analyse end-user-license-agreements, don't just click agree, it scans it for you and then reports what it finds to you and you can submit the results if you want, pro version has auto-updates. AS most of us know these can be very long documents so most don't read them but you should, this program makes it  easy as it finds any references to 3rd parties for instance and shows you them. I run distributed computing so my system runs 24/7 and used to do a lot of Beta Testing of software. I am also a very pre-internet user but have to admit that the computer I bought in early 2010 with a rather expensive motherboard as I was running 3 5870's, the 5900's were just released it's an ASUS P6T6 WS Revolution but when Windows 8 was released it didn't pass the test run, some security problem with the motherboard. The technology seems to get smarter, hence smart phones but the users need to as well.

  • My English is not so good,that I can understand all. What´s about german language?

  • I participated in the following thread over a year ago, I think it was regarding this scam.  I still get emails whenever someone posts there. Please see:

    Microsoft Community

    logmein123 scam: received a call saying my antivirus was corrupted

    Don't believe anyone who calls and says they know anything about what's going on with your computer, just hang up on them. They are lying and scammers.

  • These same scammers are actually paying search engines to place their 1-800 numbers at the top of the search results. Be sure you are actually calling Microsoft when you a finding a number on the Internet. Same goes for any other software support number, especially antivirus companies. Scammers will answer the phone appropriately based on the 1-800 number you dialed. Most legitimate companies do not list 1-800 numbers but provide support via on line chat through their websites.

  • This information is very helpful to me but I have been fleesed out of about $700.00 by various companies that were supposed to fix my computer but left some of the viruses there, while taking my money.  I am a senior citizen on a limited check each month and not sure of what to do at this point.

  • I strongly advise our readers to look out for " Inbox Toolbar". It is an unwanted software that will install itself on your computer unknowingly,It will take cotrol of it, and you wont be able to uninstall it without an effective help!

  • I've been getting numerous phone calls lately from people with Indian-sounding accents.   They begin by saying that Microsoft has been getting error reports from my computer.   To one person I replied that I don't have a computer and that person immediately hung up on me.   But mostly I just hang up without engaging in any conversation, because I believe that this is just a scam.   Today I replied that I would call Microsoft myself and hung up.

    so what do you think?  scam?

  • Rule number one:  Use common sense.

    Rule number two:  Always refer back to rule number one.

    Also, to Paul D., thank you for mentioning EULAlyzer.  I'll look into it.  I'm always careful with EULAs, but I'd welcome a program like this, if it's good.

  • Im needing advise as to What Free Antivirus that is Safe and Secure - untl I decide on what is best Antivirus if payment required, what is thebest Free antivirus that can be downloaded safely and also best Paid one to get?, as Im needing continued protective -after a Computer Guy came out and was supposed to have fixed orignal problem/s with my 2002 version of Computer, Windows XP, and set me up with Bitdefender a couple of weeks ago - of which he charged me £70.00 to supposedly have fixed my Computer and removed any viruses, only to discover recently the Bitdefender anti virus he set me up with is now showing inactive - What can I and Should I do and advice needed on which is a safe free antivirus and paid one to get?, and seeing as both my Internet service provider has since stopped the extra £3.00 a month antivirus protection, and told they are, and have been searching, trying to find a more secure antivirus, and Microsoft also having stoppedtheir Antivirus security protection.

    And after a recent incident where 3 attempts were made to withdraw money from my Account - Korea, need to be 100% Safe and Secure with a Safe abd Secure antivirus of some kind.

  • I simply tell them I do not own a computer, they have all quit calling me!! EASY!!

  • Does anyone know anything about the software Webroot Secure Anywhere?  

  • My girl friend got a call this morning from a person calling himself Shawn Parker. Shawn said that he was from a Microsoft support facility and that there was a hole in her firewall. He said viruses had gotten into her computer and were slowing it down. He wanted her to give him access to her computer so he could "fix" the problem. She told him that she had to check with me first. He gave her his number to call him back [(321)332-0208 which by the way is supposedly in Orange County, FL]. I called him back, but a "supervisor" got on the phone and said that he would have to call me right back to speak with me. The number he called from [(767)275-9067] is supposedly on the island of Dominica in the West Indies. I provide these numbers so you know that these are scam numbers. He asked me to access the Administrative Events via the Start Menu>Computer (right click)>Manage>Event Viewer>Administrative Events (double click). As this shows all of the errors that ever occurred on the computer and as there are usually a number of them, it can cause a non-techy concern. He then had me use the Windows + R combo to access the Run window. I entered cmd.exe and hit enter to bring up the Command Window. Typing assoc and hitting Enter showed all the extensions and the files associated with them. At or near the bottom there is a line that contains the characters CLSID followed by what appears to be a serial number. He then reads the characters in the "serial number" to prove that he is really from Microsoft. The only thing is that the "serial number" string is neither computer nor operating system specific. It is the same on all of the computer and operating system combinations that I have access to. Be forwarned about this scam as it is easy for people unfamiliar with Microsoft practices to be fooled by it, even those who consider themselves to be knowledgeable about computers.

  • I got an email from usps .com saying to click for shipping label for package that wasn't delivered.  Because we were expecting a package, I clicked.  Got a couple major trogans.   it took MS support two days to get rid of.  All MS Defender could do is say it was infected and warn me over and over again.  It tried but failed to solve the problem.  It took several installed and later dumped malware fix it programs to rid it from my machine.  My sister got same email- I called her and said DONT OPEN!

    Notice that there is a space between the 's' and the dot.

Page 1 of 3 (44 items) 123