Windows Live Messenger is a powerful and fun communications tool for staying in touch with your friends, family and co-workers. It is a semi-enclosed environment where you can freely interact with the people you know and trust – the people in your network. Unfortunately, over the last couple of months, we've been monitoring an increase in spammers and malware distributors trying to work their way into our customers’ networks of trusted Messenger contacts.
How Messenger spam works
First, spammers identify potential targets. They do this by searching for public Spaces, by acquiring lists of valid Hotmail accounts, and by trading with other spammers. Second, they set up a number of Windows Live ID accounts and use these accounts to send invitations to their potential targets.
A typical invitation looks like this:
If you accept a spammer's invitation, they can then download your list of friends to find new people to target, and send messages to you and your friends trying to attract you to spam, phishing, or malware websites. See my previous blog post on URL reputation to learn about the protections that SmartScreen® provides if you do end up clicking one of these links.
We’re working on delivering several technologies to help us reduce these bogus invitations. In fact, starting this week we are deploying a number of immediate new steps to block and root out these spammers, and to limit the number of invitations they can send.
Don't let spammers in the door
You can take steps to protect yourself too. One thing you can do is click the View profile link in the invitation to try to figure out if it is from a spammer or an old friend. Viewing the profile won’t hurt you or your computer, and it won’t add the spammer to your network, so it is always a good first step. This is like what you might do at home if someone came knocking at your door unexpectedly. You'd probably look through the peephole before deciding whether or not to let them in.
If you still don’t recognize this person, and think they really might be a spammer, then don’t answer the door -- and let us know by clicking the check boxes to block them and report them as spammers.
Better safe than sorry
And don’t worry about reporting abuse. Even if you accidentally report a long lost friend as a spammer, we won’t shut down anyone’s account based on one piece of feedback. In this world, it's better to be safe than sorry. You might also find these 10 tips for safe instant messaging useful.
As with all service abuse scenarios, this is another arms race. We know abusers are motivated, and will attempt to react every time we add new protections, but we're motivated too. We’re continually working to protect everyone on the network from these types of attacks.
John Scarrow
General Manager - Safety Services
PS. If you think you may have already fallen victim to a phishing scam, check out these tools for removing malware and preventing further issues.