Scams that use Microsoft's name or product names

• You have won the Microsoft Lottery
• Microsoft needs your credit card information to validate Windows.
• Fake e-mails or warnings about security updates.

Microsoft does not send unsolicited e-mail requesting personal or financial information.

If you receive an e-mail message that purports to be from Microsoft and requests that you send personal information or click links, do not respond.

You have not won the Microsoft Lottery

Microsoft customers are often targets of a scam, which uses false e-mail messages that promise that you have won "The Microsoft Lottery ".

If you have lost money to this scam, you should report it. You can also send the police report to Microsoft and we will use it to help law enforcement catch the criminals who send out these e-mails.

For more information, see Report Microsoft lottery fraud. You can use the same general guidance that you use to protect yourself from phishing scams to help protect yourself from these e-mail hoaxes.

Microsoft does not need your credit card information to validate your copy of Windows

Microsoft requires that you validate your copy of Windows in order to obtain programs from the Microsoft Download Center and to receive software updates from Microsoft Update.

At no time during the validation process does Microsoft request your credit card information.

In fact, Microsoft does not collect any information such as your name, e-mail address, or other personal details that could be used to identify you or contact you.

To learn more, read the Microsoft Genuine Advantage Privacy Policy. To learn more about the program in general, see About Genuine Microsoft Software.

Microsoft does not send unsolicited communications about security updates

Microsoft sends e-mail messages to subscribers of our security communications when we release information about a security software update or security incident.

Unfortunately, cyber criminals can and have sent fake security communications that appear to be from Microsoft.

Some of these messages lure recipients to Web sites to download spyware or other unwanted software. Others include a file attachment that contains a virus.

How to help verify the legitimacy of a security-related e-mail

• Legitimate notifications do not include software updates as attachments. We never attach software updates to our security communications. Rather, we refer customers to our Web site for complete information about the software update or security incident.
• Legitimate notifications are also on Microsoft.com. We never send notices about security updates or incidents until after we publish information about them on our Web site. Check the Microsoft Security Updates page to see whether the information is listed there.