Microsoft Malware Protection Center

Malware Protection Center

Account

Security software
- - Get Microsoft software
    
    Download and compare our software
    
    Microsoft Security Essentials
    
    Windows Defender
    
    Malicious Software Removal Tool
    
    Safety Scanner
    
    Windows Defender Offline
    
    Windows Intune
    
    Diagnostics and Recovery Toolset
    
    System Center 2012 Endpoint Protection
- - Updates
    
    Latest updates
    
    Pre-release updates
    
    Changelog
- - Help
    
    Updates don't work
    
    Common error codes
    
    Frequently asked questions
Malware encyclopedia
- - Common malware types
    
    Exploits
    
    Ransomware
    
    Rogues
    
    Rootkits
- - Malware reference
    
    Latest threats and malware search
    
    How we name malware
    
    Glossary
- - Help
    
    Recurring infections
    
    Can't clean an infection
    
    Prevent malware infections
    
    Tips for dealing with malware
Our research
- - Latest research
    
    Malware research
    
    Threat reports
    
    Conference papers
    
    Security Intelligence Report
    
    MMPC blog
- - Certifications
    
    Evaluating our protection
    
    Antivirus testing providers
For vendors
- - Vendor resources
    
    How we classify potentially unwanted software
    
    Dispute a detection
    
    Report a false positive
- - Submissions
    
    Submit a malware sample
    
    Submission help
Help
- - Software and updates
    
    Update Microsoft security software
    
    Updates don't work
    
    Common error codes
    
    Why you should update
    
    Update Java, Adobe, and Flash
    
    Update other Microsoft software
    
    Frequently asked questions
- - Malware
    
    Recurring infections
    
    Can't clean an infection
    
    Prevent malware infections
    
    Tips for dealing with malware
- - Other help topics
    
    Dispute a detection
    
    Report a false positive
    
    Submit a malware sample
    
    Submission help
    
    General help to stay safe online
About
- - About us
    
    The MMPC
    
    Evaluating our protection
    
    Protection and performance whitepaper

Follow:

Expand all

What do I do if I think someone has hacked my email account?

How can I tell if my email account has been hacked?

If a hacker gets access to your email account they will usually use it to send out spam. If you’re using the same sign-in for other websites - such as online banking, social media or App Stores - they could use those accounts to steal your money or attack other people.

The first sign that something’s wrong is when your friends and family start asking why you sent them a strange email with suspicious attachments or links to websites.

What should I do now?

The first thing you should do is run a complete scan of your computer using up-to-date security software.

Download Microsoft security software

You should then change the password for any account that uses the same password as your email. It's as if you've lost a key - you should change all the locks that use that key. Make sure you use a strong password for all your online accounts.

This is also a good time to remind your friends and family to be aware of suspicious emails, even when they come from someone they know. It may be a good idea to send an email to let everyone know your account was hacked.

How did this happen?

The most common ways a hacker gets access to your account are:

Using a computer infected with spyware
Opening malicious attachments in a spam email
Clicking on links to a malicious website
Not using strong passwords

Following a few tips can help keep you protected:

Keep your security software up-to-date
Use strong passwords for all your online accounts
Don’t open suspicious email attachments or click unusual links in emails
Be wary when using a public computer
Make sure your operating system has the latest updates
Never reply to an email that asks for personal information

If you receive a suspicious email from a friend or think their account may have been hacked, you can report it using the “My friend’s been hacked” feature in Outlook.com.

How do I submit suspected spam emails to Microsoft?

Microsoft helps you do that in a few ways:

If you're using Microsoft Office Outlook, you can download and install the Microsoft Junk E-mail Reporting Add-in. Once installed, go to the Home tab and click Junk, then Report Junk:
If you're using Outlook.com, you can report spam emails by selecting the emails, then clicking either Junk (for junk or spam emails) or Phishing Scam (for emails that try to get you to send information like passwords and bank account details):

Other ways to report junk emails are outlined here:

What do I do if I think someone has gained access to my Skype account?

We often receive reports from people asking what they can do if they think someone else has their Skype name and password. If you believe that your account has been compromised, you can find out what you can do from the following sites.

If you want to report abusive behavior in Skype, for example an unknown contact who keeps sending you links to malware, see this page from Skype:

How do I report abuse by someone on Skype

If you want to report that your Skype account has been taken over by another person, see this page:

What can I do if someone has taken over my account

Skype also offers tips on how to identify fake emails pretending to be from them at this page:

How do I know that an email is really from Skype

And just for good measure, if you believe your Outlook.com account has been compromised, see this page:

My Outlook.com account has been hacked

What do I do if I think someone has gained access to my Facebook account?

Here’s what you can do if you think your Facebook account has been compromised.

If you think that you or your friend's Facebook details have been stolen, see this page from Facebook:

Hacked accounts

For tips from Facebook on how to identify suspicious emails and notifications about your account, see this page:

Suspicious emails and notifications

If you believe your Outlook.com account has been compromised, see this page:

My Outlook account has been hacked

And remember, just because we're used to malware and scams coming through email doesn't mean they can't come through other social channels, too.

How do I protect myself from Java exploits?

Have you ever had a Java exploit detected on your computer? Exploits are malicious code that attempts to exploit a vulnerability in a specific program (in this case, Java), and are one of the most insidious threat-types we observe. Java exploits are particularly common, but there are a few ways you can help protect yourself from these threats:

Make sure you have an up-to-date antimalware solution like Microsoft Security Essentials
Get the latest Java updates; this will prevent you from being vulnerable to threats that exploit older versions of Java (or, if you're no longer using Java, you might consider disabling it)
Remove older versions of Java so that you won't be vulnerable to exploits that target older versions
You can read more about how you might encounter Java exploits, what you can do if you are infected, and steps you can take to help avoid being exploited again in the following article:
- The curious case of the Exploit:Java/CVE… infection

I got a call from someone claiming to work for Microsoft telling me that I have malware on my computer – what do I do?

A number of government agencies from across the world have disrupted “Microsoft imposter” scams. The scam involves criminals pretending to be from Microsoft who call and inform you that your computer is infected with malware. To “clean” your computer, the criminals then request a fee or remote access to your computer (or both).

Based on the feedback we’ve received from you we know this scam was widespread and extremely frustrating for every person it affects.

However, it’s likely there are many more scammers out there – either continuing with this scam, or devising new ways of stealing your information and your money. As we wrote before,

Do not trust these callers
Do not provide them with any personal information
Do not allow them to install software
Do not give them your credit card details

For more information on computer fraud, visit the Microsoft Safety and Security Center:

My antivirus just detected a Win32/Keygen infection – what does that mean?

One of our most often reported detections in our telemetry each month is the rather innocuously named HackTool:Win32/Keygen. Win32/Keygen is the name we give to programs that purport to activate software without an appropriate license. These programs claim to be able to do things like:

Generate serial numbers or license keys
Patch programs in order to bypass activation checks

Basically, these programs exist to enable software piracy. Software piracy is of itself a serious issue, and you can read more about it our software piracy information and piracy prevention pages. However, according to our telemetry, it seems that using pirated software might have undesired consequences, and of the 2 million computers that report a Win32/Keygen detection in a typical month, just under 50 percent of these computers also report at least one other malware infection. It is also worth noting that some of the most dangerous and difficult to recover from malware is commonly distributed masquerading as a keygen, such as Win32/Sirefef.

There are a number of reasons as to why we might see this kind of pattern, but the key takeaway here is that there may be a serious hidden cost to getting software for free.

How do I report suspicious websites?

Have you ever visited a website that tried to install unwanted programs or even malware to your computer? Or maybe you received an email or visited a site that contained misleading content that tried to scam you in some way. Have you ever wondered how you can report these suspicious sites and content to someone so that other users are less likely to be affected? In case you were wondering, you can report this information to Microsoft.

Microsoft uses these reports to help protect you and other users from malicious content. After being verified, this information is used by the SmartScreen Filter in Internet Explorer and Outlook.com to:

Block sites that are considered to be unsafe
Filter phishing email from your inbox
Warn you about high-risk downloads
Help prevent potentially harmful software from compromising your computer

To help other users avoid malicious content and report a website or email you believe to be suspicious:

In Internet Explorer, while you are on the suspicious website, click the gear icon and then point to Safety. Click Report unsafe website.
In Outlook.com, if you receive a suspicious message, click the check box next to the message. Click Junk and then point to Phishing scam.

You can find more information on reporting suspicious websites or email at the Microsoft safety and security center.

Provide feedback