Watch out for fake virus alerts

Rogue security software, also known as "scareware," is software that appears to be beneficial from a security perspective but provides limited or no security, generates erroneous or misleading alerts, or attempts to lure users into participating in fraudulent transactions.

How does rogue security software get on my computer?
Rogue security software designers create legitimate looking pop-up windows that advertise security update software. These windows might appear on your screen while you surf the web.
The "updates" or "alerts" in the pop-up windows call for you to take some sort of action, such as clicking to install the software, accept recommended updates, or remove unwanted viruses or spyware. When you click, the rogue security software downloads to your computer.
Rogue security software might also appear in the list of search results when you are searching for trustworthy antispyware software, so it is important to protect your computer.

What does rogue security software do?
Rogue security software might report a virus, even though your computer is actually clean. The software might also fail to report viruses when your computer is infected. Inversely, sometimes, when you download rogue security software, it will install a virus or other malicious software on your computer so that the software has something to detect.

Some rogue security software might also:

• Lure you into a fraudulent transaction (for example, upgrading to a non-existent paid version of a program).
• Use social engineering to steal your personal information.
• Install malware that can go undetected as it steals your data.
• Launch pop-up windows with false or misleading alerts.
• Slow your computer or corrupt files.
• Disable Windows updates or disable updates to legitimate antivirus software.
• Prevent you from visiting antivirus vendor websites.
• Rogue security software might also attempt to spoof the Microsoft security update process. 

To help protect yourself from rogue security software:

• Install a firewall and keep it turned on.
• Use automatic updating to keep your operating system and software up to date.
• Install antivirus and antispyware software and keep it updated. Windows 8 includes antivirus protection that’s turned on by default. If your computer isn’t running Windows 8, download Microsoft Security Essentials for free.
• Use caution when you click links in email or on social networking websites.
• Use a standard user account instead of an administrator account.
• Familiarize yourself with common phishing scams.

Fix your hijacked web browser

Browser hijacking is a type of online fraud. Scammers use malicious software (malware) to take control of your computer's Internet browser and change how and what it displays when you're surfing the web. If you are already a victim of a hijacked browser, the following instructions can help you free your browser from the hackers, restore browser settings, and boost browser security.

Help free your browser from hackers
Antivirus and antispyware software helps prevent and detect malware. If any malware does manage to bypass your firewall, antivirus and antispyware software will help remove that potentially dangerous software. If you have Windows 8 installed, antivirus software is included with the operating system. You are not required to do anything to set it up. If you are using earlier versions of Windows, Microsoft provides free antivirus software called Microsoft Security Essentials. Many of our partners also offer antivirus software.

Help restore your browser home page
If your home page keeps changing back to another page, this might be a sign that your computer is infected with a virus. After you have updated your computer with the latest antivirus software, restore your browser home page.

To change your home page in Internet Explorer 10
Internet Explorer 10 is the latest and most secure version of the Microsoft web browser.

Download Internet Explorer 10 to help protect your computer against viruses, fraud, ID theft, and other threats.
In Internet Explorer, navigate to the page that you want to make your home page.
Click the down arrow next to the Home icon on the Internet Explorer toolbar, and then click Add or change home page.
Click either Use this webpage as your only home page or Add this webpage to your home page tabs.

Help boost browser security by disabling add-ons
Many browser hijackings come from add-on software, also known as browser extensions, browser helper objects, or toolbars. These items can improve your experience on a website by providing multimedia or interactive content, such as animations. However, some add-on software can cause your computer to stop responding or display content that you don't want, such as pop-up ads. Internet Explorer 10 and Internet Explorer 9 warn you in the notification area of your browser if an add-on is slowing down your computer. You can also view the add-ons that you already have installed and disable the add-ons that you don't want by clicking the gear icon, and then clicking Manage add-ons.

Capturing your Bank Account by Accessing to SMS

According to Symantec Corp., mobile phone banking transactions are more vulnerable because of Android malware that eavesdrops on incoming SMS messages and forwards them to another SMS number or server. This sort of data leakage represents a significant risk, both to individuals and to organizations. The potential exists for attacks like these to target Internet banking services that send mobile transaction authentication numbers via SMS. Many banks send authentication codes to your phone via SMS each time you do an online transaction. This means that just stealing a login password is no longer enough for criminals to raid your account. But malware on your phone, such as the Zeus-based Andr/Zitmo (and similar versions targeting BlackBerry) are capable of intercepting those SMS messages.

Consider the following hypothetical scenario. Through a conventional phishing attack, a victim gives criminals sufficient information to allow them to sign in to your mobile banking account and also port your phone number (this has happened). They can now log in to your online bank account while also receiving an SMS containing the second-factor authentication token needed to complete a transaction. Through the use of a malicious Android app that harvests SMS messages in real time and in concert with a social engineering attack, attackers open a brief window of opportunity to steal this token and use it.