Don’t be fooled by ‘scareware’ | Asif Jinnah, UK Field Area IT Manager
Asif is a member of the EMEA leadership team and a central point of contact between business units and IT divisions within Microsoft. He works closely with the UK executive leadership team to transform IT around the business. Asif is currently the voice of Microsoft in its “How Microsoft does IT” executive-level showcase presentation, and represents the UK security community as a speaker on industry trends and safeguards.
|
Question: I keep getting ‘pop-ups’ on my PC saying that there is an update ready to install. How can I tell whether or not it’s real or spam? I thought that if you had a genuine copy of Windows, you got automatic updates? I’ve heard stories of ‘scareware’ packages which supposedly pop up screens that tell you there’s something wrong with your PC and that you need to buy software to fix it. How do I know what’s genuine and what isn’t? - Toby
Answer: Hi Gerald, Thank you for your query as many others are probably asking the same questions. In the growing era of online security threats and ‘scareware’ we all need to ensure system and data integrity is high on the priority list. With regards to recognising if security updates are spam or genuine, let me say straight off, if you receive a vulnerability notification by email or Instant Messenger, it’s not from Microsoft – we never send updates in this way.
Fortnightly updates
Microsoft issues security updates on the second Tuesday of every month. In the case of Windows Vista and XP, several options mean you can:
| • | Choose never to check for updates - which isn’t recommended | | • | Check automatically for updates and choose when to download and install them | | • | Download updates automatically, then decide which ones to install and when to do it | | • | Check automatically for updates, then install them when it’s convenient to you. |
At Microsoft, we also have an online validation process that enables you to verify that your Windows software is genuine by going to the Genuine Microsoft Software homepage and clicking ‘Validate Windows’. It takes only a few moments, and once completed, allows you to access genuine Windows downloads quickly thereafter.
 Only by using genuine software can you be sure you’re receiving the latest features, security and support to help improve your productivity. 
Once you’ve set up your system to receive automatic updates, you’ll be notified each time via the task bar of your computer and prompted to validate the software. This process reduces piracy by associating your Product Key - the 25-character security code located on your Certificate of Authenticity (usually attached to your software package, PC, or laptop) - to a PC hardware key. Microsoft stores this information in a database so that no one else can use your Product Key on another PC.
The dangers of counterfeit software
The risk in installing counterfeit software is that it will almost certainly have been copied from an authentic source to avoid paying Microsoft for the product. This can result in a duplicated or invalid installation key which may prevent registration. Updates can only be downloaded by registered users - other so-called updates will not provide the functionality of the genuine product because the key is fake. What’s more, because the product will have been modified, it might also introduce malware like viruses to your PC.
Only by using genuine software can you be sure you’re receiving the latest features, security and support to help improve your productivity. When buying software:
| • | Always buy from a reputable source | | • | If the price of the software seems too good to be true, then it probably is | | • | Ensure the outlet where you buy it has a returns policy | | • | Check the packaging to ensure it’s authentic before you purchase | | • | Examine how it’s sealed - is it shrink-wrapped and security-sealed as it should be? | | • | Check for the manufacturer’s logo, print quality, spelling, hologram - it may give you a clue | | • | Make sure the packaging or disks aren’t marked ‘not for resale’ or ‘OEM only’ and that they are the version you ordered. |
Don’t help the pirates
Software piracy is illegal and carries heavy penalties - and that includes exceeding your permitted number of installations of the software or sharing it with friends. Software development is an expensive business and piracy hurts developers. It means they can’t devote as much resource to developing and maintaining products. As well as being illegal, it also hurts consumers in the long run because their products are not as well supported as they might otherwise be.
Better safe than sorry
Returning to your original question, my advice is never purchase software in response to a ‘pop-up’ - even if it does tell you there’s an issue and you need to buy software to fix it. As with any email link or attachment, you should only ever open or click them if you know they come from a trusted source. If an update comes as a ‘pop-up’, be suspicious and consult your ‘pop-up box’ which has a button enabling you to check its source. Lastly, don’t be tempted by so-called ‘free’ software from an unknown source - the chances are it will contain some form of malware. Better to be safe than sorry, as they say.
I hope this helps. There is much more on the benefits of genuine software on the Windows Genuine Advantage programme homepage.
--Asif
Combating the ‘scareware’ scourge
As part of its ongoing efforts to protect customers and partners from the risks of pirated and counterfeit software, Microsoft and Washington State's Attorney General recently filed several lawsuits against "scareware" merchants who frighten consumers into buying bogus software. They stand accused of conning people into believing their computer is damaged or corrupted, then persuading them to buy software purporting to fix the non-existent problem. Among the bogus programs in question are Scan & Repair, Antivirus 2009, MalwareCore, WinDefender, XPDefender and WinSpywareProtect.
Microsoft estimates that as many as 50% of computer crashes reported to its customer support lines can be blamed on spyware infecting their machines. A recent report from North Carolina State University found that most internet users are unable to tell the difference between genuine and fake ‘pop-up’ messages. "This study demonstrates how easy it is to fool people on the web," said the report’s co-author and professor of psychology, Dr Michael Wogalter. Despite being warned some messages were fake, people still hit the OK button 63% of the time.
The Windows Genuine Advantage programme (WGA)
Part of our commitment to protecting customers and partners from counterfeiters through education, engineering and enforcement of policies and laws, WGA differentiates the value of genuine Windows software from counterfeit software. It lets you enjoy the capabilities you expect, the confidence that your software is authentic, and the ongoing system improvements that help you do more with your PC.
WGA gives small businesses the confidence of knowing that they are running reliable, dependable, and secure software, which is critical to meeting customers’ needs. Small businesses that validate their systems as genuine have access to free downloads, tools and content to help them be more productive. What’s more, small businesses can take advantage of the resources available through the Microsoft Small Business Centre, which features case studies, videos and other valuable resources.
|
