When you buy an Android app from the Google app store, they give the app maker your full name, email address and the neighborhood where you live. This occurs without clear warning every single time you buy an app.
If you can’t trust Google’s app store, how can you trust them for anything?
See the original post at http://bit.ly/XO17F7
So, you may be asking yourself: why is the EFTPS contacting me? And who the heck is EFTPS?
It’s likely a phishing atempt.
The EFPTS is a service offered free by the U.S. Department of the Treasury to help business and individual taxpayers conveniently pay all their federal taxes electronically (as noted on their website). This time of year, people receiving an email from the EFPTS may be concerned as they may make Federal tax payments on line in the States
But, as noted on their home page the EFTPS, this is someone trying to get your bank information and other personal identifying information, also known as “PII”. This from their home page at https://www.eftps.gov/:
Remember! EFTPS values your privacy and security and will never attempt to contact you via e-mail. If you ever receive an e-mail that claims to be from EFTPS or from a sender you do not recognize that mentions a payment made through EFTPS, forward the e-mail to phishing@irs.gov or call the Treasury Inspector General for Tax Administration at 1.800.366.4484.
After reporting a phishing attempt, you will receive an email from the IRS confirming your submission:
Please note that the IRS does not contact individuals by email.
Therefore, if you received an email claiming to be from the IRS it is a phishing attempt and should be reported to us.
Additional information on IRS phishing can be viewed here:
http://www.irs.gov/newsroom/article/0,,id=155682,00.html
Additional information on avoiding phishing scams can be viewed here:
http://www.antiphishing.org/consumer_recs.html
So, if you receive a mail from someone at the EFPTS, it’s likely not genuine. You may forard the mail (as an attachment is best) to the EFPTS as noted above.
For more info to avoid getting caught in a phishing scheme, see my post “Did you win £450,000 in a “Microsoft Lottery”? Think again: it’s a phishing attempt“.
Tags: Windows Vista, Security, what I read, twitter, Microsoft, Windows 7, Microsoft Security Essentials.
Clubhouse Tags: Clubhouse, how-to, Security, download, Microsoft Security Essentials.
Also available via http://bit.ly/axLzc2
![MC910216371[1]](https://msdnshared.blob.core.windows.net/media/MSDNBlogsFS/prod.evol.blogs.msdn.com/CommunityServer.Blogs.Components.WeblogFiles/00/00/00/52/04/metablogapi/7823.MC9102163711_1215AB30.png "MC910216371[1]")
I was asked today…
I received a message in my email on behalf of Microsoft from the National Lottery International [stating] "A certificate of winning and other certificates including your winning cheque of Four Hundred and Fifty Thousand Great Britain Pound Sterlings has been sent to us by the claims officer of overseas Winner of the Microsoft National Lottery."
Is this real?
Nope, sorry… See this post at http://spamemailgraveyard.com/2010/04/microsoft-notification.html.
As I noted in my prior post, "Did you win One Million Euros in a Microsoft Lottery? Think again: it’s a phishing attempt", a lottery scam is a common phishing scam known as advanced fee fraud. One of the most common forms of advanced fee fraud is a message that claims that you have won a large sum of money, or that a person will pay you a large sum of money for little or no work on your part. The lottery scam often includes references to big companies, such as Microsoft.
In short: there is no Microsoft lottery.
For more information on how to protect yourself from fraudulent emails, please see Microsoft’s Anti-Phishing Site, and my posts on Phishing: Don’t get caught and FYI: new scams featuring the IRS logo to get your PII.
Other related links and resources…
Tip from the Microsoft Anti-Phishing site: To see updated examples of popular phishing scams or to report a possible phishing scam, visit the Anti-Phishing Working Group Archive.
Tags: Microsoft, your questions, email, phishing, Security.
Also available at http://bit.ly/bAhewb
As I Tweeted today, over the weekend I read Paul Cooke’s Windows Security Blog post on Windows 7 Vulnerability Claims. (I’ve added a few links if the terms are unfamiliar to you.)
"…most people don’t knowingly have and run known malware on their system. Malware typically makes it onto a system through other avenues like the browser or email program. So while I absolutely agree that anti-virus software is essential to protecting your PC, there are other defenses as well.
"Let me recap some of the Windows 7 security basics. Windows 7 is built upon the security platform of Windows Vista, which included a defense-in-depth approach to help protect customers from malware. This includes features like User Account Control (UAC), Kernel Patch Protection, Windows Service Hardening, Address Space Layout Randomization (ASLR), and Data Execution Prevention (DEP) to name just a few. The result, Windows 7 retains and refines the development processes, including going through the Security Development Lifecycle, and technologies that made Windows Vista the most secure Windows operating system ever released.
"Beyond the core security of Windows 7, we have also done a lot of work with Windows 7 to make it harder for malware to reach a user’s PCs in the first place. One of my favorite new features is the SmartScreen Filter in Internet Explorer 8. The SmartScreen Filter was built upon the phishing protection in Internet Explorer 7 and (among other new benefits) adds protection from malware. The SmartScreen Filter will notify you when you attempt to download software that is unsafe…"
I agree with Paul and that you should run anti-virus software on Windows 7; our Microsoft Security Essentials is one such way to help keep your PC free of such issues and is available for free.
But you also need to remember: don’t be a victim… be a participant in your own rescue. (So says our COO Kevin Turner, paraphrased ;).
As I noted in an post from 2006, no matter what OS you run, it doesn’t matter: be prepared. Make you that you have the latest updates to all of your software. Generally, consumers should set up their computers install updates automatically: Windows users may do this by ensuring Automatic Update (AU) is turned on to get the latest updates. (In managed environments (like corporations where an IT Pro manages your machine), talk to your administrator to learn about your updates.) You can also visit Windows Update for the latest updates, but the easiest way is to turn on AU.
"In a comment I received to a recent blog posting on being careful when it comes to viruses, I wanted to mention something when it comes to computer security: whether you have a PC or a Mac, you will have to be concerned about security and protect yourself.
If you own a computer – PC or Mac (and we have both at home) – you should run AV software, have a firewall on your internet connection and practice "safe computing."
"But we have to be careful to reach broad-based conclusions. It’s better to anticipate an attack and be prepared and protected rather than hope that you won’t be the victim of an attack. As I said in a past post, see our Security at home site for more ideas on how to protect your computer. It has info on avoiding online scams with the Microsoft Phishing Filter, anti-virus, anti-spyware, security updates, Office and Windows update tools… well worth your time. Mac users can look here on Apple’s site for more info on protecting your Mac."
For Mac users, of interest is eWeek’s Larry Seltzer’s article on "What Will Apple Do When the Malware Comes?"
As noted in my post earlier this year, follow these six tips for staying safe online, as provided in this article in the Seattle Times on cybersafety:
Pay particular attention to that last item. As I wrote here, you should only download software from a trusted source – for example, via Microsoft for our products and service – and avoid peer to peer to save yourself an additional security risk.
Additional information and guidance:
Tags: Windows Vista, Security, what I read, twitter, Microsoft, Windows 7, Microsoft Security Essentials.
Clubhouse Tags: Clubhouse, how-to, Security, download, Microsoft Security Essentials.
Also available via http://bit.ly/3ip7YF
As I recommended today, friends don’t let friends download bad things from peer to peer. So wait until the official downloads to the Release Candidate (RC) of Windows 7 are available.
As noted online today, the Windows 7 RC posted today (April 30th) for TechNet and MSDN subscribers. Materials provided here include info on the official press release, Q&A and more. Learn what’s new in the release candidate and hear from Microsoft partners about how they’re preparing today for Windows 7.
MSDN and TechNet subscribers can get the bits at http://technet.microsoft.com. Broader public availability will begin May 5 on the Microsoft Download Center at http://microsoft.com/downloads.
A personal note: please don’t use P2P to get Windows 7 Release Candidate, as has been noted in the in the news. See this page for info on getting bits from Microsoft http://bit.ly/uJATN. As Roger Halbheer (in his blog on Security) offers reasons why you should not use P2P Windows 7 Builds…
“… I refrain from downloading it from any of the untrusted sources. The reason for this is pretty simple: You never know (and it is illegal).
“Years back (and I have told this story over and over again) we ran an event where we fixed PCs of consumers for free for a whole week. Pretty often, when we found an infected machine, we found P2P software on it. When we talked to the person owning the PC he/she usually told us the “my son/daughter installed that and uses it”. We know that P2P is one of the most dangerous source of malware.
“Read now, what happens with Windows 7: Leaked Windows 7 RC torrents infected with trojan“
Plan accordingly. And please remember to back up your files before installing the RC.
Tags: articles, blogs, Windows 7.
Also available at http://tinyurl.com/dkl8jm or http://bit.ly/L9PaO
