Microsoft has officially announced that our civil case against the operators of the Rustock botnet (a major source of spam) has been closed and our teams have turned over the information we’ve gathered to the FBI.
The Rustock botnet is considered one of the largest sources of spam on the Internet and our case is helping to reduce the effects of the botnet and ensure that it will never be used for cybercrime again.
Learn how to clean an infected computer and help protect your PC with botnet protection and avoid malware.
What is the Rustock botnet?
The Rustock botnet is a network of infected computers controlled by cybercriminals and used for spam, fraud, and other cybercrime. The owners of infected computers probably had no idea that their computer was being used to send spam.
What did the Rustock botnet do?
Most of the spam messages generated by the Rustock botnet promoted counterfeit or unapproved generic pharmaceuticals from unlicensed and unregulated online drug sellers. Rustock spam also used Microsoft's trademark to promote these drugs. In another scheme, Rustock-generated email lured people into lottery scams in which spammers attempted to convince people that they had won a lottery. The victims were told that they needed to send the spammers money to collect the larger lottery winnings.
Help protect yourself against these kinds of email and web scams.
Microsoft is offering a $250,000 reward for information that leads to the arrest and conviction of Rustock’s operators. Any tips should be sent directly to the FBI at [email protected].
More information about the Rustock botnet
If you’re a parent, guardian, or a caregiver for kids, parental controls can help you control the content that your kids see on the Internet or on their Xbox. You can use parental controls to help support your own house rules and you can even customize them to fit a child’s age or maturity level.
The Family Online Safety Institute recently released the Parents’ Views of Online Safety study (sponsored by Microsoft) that found just over half of all U.S. parents say they’ve used family safety software to limit or monitor their child’s Internet use.
Compare family safety tools from Microsoft.
Read more.
What’s your experience with parental controls? Tell us about it in a comment below.
To get an engineer’s perspective about how Microsoft SmartScreen and Windows Defender will function in the next version of the Windows operating system, read Building Windows 8: Protecting you from malware or watch the video below.
We recently received this email:
“My Hotmail account was hacked and taken over by the classic ‘I'm in London and I’ve been mugged’ scam. It appears that the hacker has changed the basic verification information on the account and every attempt to reset the password throws me into an endless loop.
How to get my account back?”
It sounds like the author of this email has already tried to reset the password on the account manually. If you’re locked out of your account, the first thing you should always do is attempt to reset your password. Here are a few ways you can do this:
First, enter your Windows ID. Then, in the Windows Live ID text box, enter the characters you see in the picture, to prove that you’re not a machine.
Next, you’ll see a screen that offers you options to recover your password using an alternate email address or a mobile phone. If you haven’t associated your account with these alternatives, choose customer support.
Last month, we told you how to recycle an old PC more safely. We suggested that you use an authorized refurbisher or disk-cleaning software to make sure that all of your personal information was removed from your computer before you gave it away.
Since we posted that information, we’ve received some feedback asking us to go into more detail about how you can remove this information yourself.
Empty your recycle bin. It’s not enough to delete files and send them to your computer’s recycle bin. You also have to empty the bin. To do this, right click the Recycle Bin on your desktop and point to Empty Recycle Bin. This sounds pretty basic, but easy to forget.
Delete documents that might contain sensitive or personal information. Do you keep a password file on your computer? How about tax or other financial records? Delete these and other personal documents before you give away your computer. Then empty your recycle bin…again.
Delete your Internet browser’s cache cookies, and history. If some websites have saved your password so you can log in quickly, make sure you delete it from all of those websites, so a hacker can’t do the same. Learn how to delete your browsing history in Internet Explorer. And then empty your recycle bin again. It’s fun!
It’s not enough just to empty the recycling bin. What? But you’ve gotten so good at it. The truth is that when you empty your recycle bin you protect your personal information from inexperienced data thieves. The most expert hackers, however, know how easy it is to recover information, even when it’s been deleted from a recycling bin. To be safe, use software that overwrites your information with random ones and zeros. You can get some recommendations for free and inexpensive software in this article, about how to protect and purge your personal files.
More information about how to prevent fraud.
Microsoft releases security updates on the second Tuesday of every month. Today Microsoft released 5 security updates.
Get the updates.
Watch a video about the updates.
To get more information about security updates and other privacy and security issues delivered to your email inbox, sign up for our newsletter.
Today the Microsoft Security Response Center (MSRC) posted details about the September security updates. On Tuesday, September 13, 2011, at approximately 10 AM Pacific Time, Microsoft will release 5 bulletins.
The easiest way to get security updates when they're available is to turn on Windows automatic updating. For more information about how this works, see Understanding Windows automatic updating.
The Microsoft Security Bulletin Advance Notification Service offers details about security updates approximately three business days before they are released, which allows customers (especially IT professionals) to plan for effective deployment of security updates.
Advanced Notification includes information about:
For more information about the security updates that will be released on September 13, see Microsoft Security Bulletin Advance Notification for September 2011.
For official risk and impact analysis, as well as deployment guidance, visit the MSRC blog. If you are on Twitter, you can follow @MSFTSecResponse.
Digital citizenship is usually defined as a set of standards of behavior for technology use. Adults, teens, and even younger children can learn how to be good digital citizens.
On September 8, 2011 Microsoft released a white paper about digital citizenship and results from a teen reputation survey, to promote the concept of digital citizenship. The idea is to help people become better digital citizens, and to show our customers what Microsoft is doing to promote safer online habits and practices for all. . More information
Create multiple user accounts to increase your online security and your family’s privacy.
We recommend that you create a standard user account and log on with that account, rather than an administrator account, even if you’re the only one who uses your computer. An administrator account is a user account that lets you make changes that will affect other users. A standard user account does not.
When you log on with an administrator account, you put your computer at risk. It's more secure to use a standard user account instead of an administrator account because if a cybercriminal accesses your computer when you are using a standard account, you can prevent that cybercriminal from making changes that affect everyone who uses the computer.
You can create a user account for each person who uses your computer, and each person can log on with a unique profile and his or her own Desktop and My Documents folder.
When you’re logged on to Windows with a standard account, you can do almost anything that you can do with an administrator account although if you want to do something that affects other people who use the computer (such as installing software or changing security settings) Windows might ask you to provide a password for an administrator account.
You can give yourself an Administrator account and give your children standard user accounts. When you use a standard user account, you cannot change system settings or install new hardware or software, including most games, media players, and chat programs. Remember to use a limited user account when you don’t need to do administrator tasks.
How to create standard user accounts in:
The Microsoft Privacy Team and the Microsoft Online Safety Team have gathered all the latest news in privacy and online safety, so you don’t have to.
If you like what you see below, follow @MSFTPrivacy and @Safer_Online.