June 21, 2007

In recent weeks, many users have been writing to us, perplexed by e-mail they've received, purportedly from MSN. So let's just dispel some concerns right now.

Jon of Columbus, Neb.: MSN is not shutting down this summer.

Roxane of Manitoba: You will not be charged $10 for using MSN, regardless of whether you forward the e-mail you received to 18 Live Messenger friends.

Michaela of Oakland, Calif.: You are not among the 10 "winners" in a batch of 50 million international e-mails, qualifying you for a "MSN Lottery Draw" of about $800,000.

These are all examples of fraudulent e-mail known as phishing, and it's becoming increasingly sophisticated and cunning, to the point where the criminals drop the names of real MSN employees – even Microsoft's co-founder. But let's just say while Bill and Melinda Gates donate a lot of money for benevolent causes, they don't run a lottery. That is simply wishful thinking and too good to be true, which is the part of the name of a Web site developed by a joint federal law enforcement and industry task force to educate consumers and help prevent Internet fraud.

Meanwhile, Microsoft and MSN also tackle the problem through content and experts.

"Cybercriminals try out new tactics each week," explains Aaron Kornblum, a Microsoft senior attorney. Last week he addressed an Internet safety conference in Berlin on efforts to fight cybercrime. “Fraudsters think very hard about new ways to separate you from your bank account and personal information.

"We work to help catch bad guys online and listen to our customers about what they are seeing," said the former Air Force prosecutor and civil litigator. Kornblum is a part of Microsoft's worldwide team of 65 people focused on foiling cybercrime.

Microsoft takes the fight into the field, pursuing wrongdoers across continents and, as appropriate, into court. Last spring, Kornblum, blogging from Bangkok, wrote of Microsoft's role in convicting an Iowa phisher. More recently, Microsoft worked to support the FBI in its arrest of multiple cybercriminals in Operation Bot Roast.

Another way to prevent scams in the first place is through the use of technology, including the free phishing filter built into Internet Explorer 7 or the Windows Live toolbar, plus safeguards in Windows Live Hotmail, Windows Live Mail and Microsoft Outlook.

While the site Microsoft.com/protect collects information and news about nefarious actions and techniques to combat them (including tips on recognizing phishing scams and fraudulent e-mails), the editors on MSN's Tech & Gadget team monitor developments daily.

"Security news is incredibly important to our users, and phishing has been top of mind since I started working on T&G almost four years ago," says Tina Cha, editorial manager for Tech & Gadgets. "The story 'Top 25 Web Hoaxes and Pranks,' which we featured in May, has been our most popular story in the past year. Our readers not only want to learn more about Web hoaxes and how to avoid them; they also want to warn others to not fall for the same mistakes they did.

"Personally, I just counted 14 phishing or scam e-mails in my Hotmail junk filter in the past five days or so. When phishing first started to gain traction I would send high-alert messages to my family (really, my parents), making sure they wouldn’t take the bait. It’s important for me to know I’m doing what I can to help let everyone know about the dangers out there."

Cha takes her journalistic responsibility seriously, perhaps made even more vigilant given that she and her husband had their offline identities stolen.

Within the Tech & Gadgets content is a department focused on security, which includes an archive of recent coverage. And the most active technology message board, after "how to," is about online hoaxes.

"Many of our readers described the scams that they or their family members fell for," Cha says. "I wouldn’t be surprised if several more didn’t because they are embarrassed that they fell for it in the first place. The ones that hurt the most, to me, aren’t where people are greedy and think a Nigerian official is offering them $20 million, but where they meet someone on a dating site and think they are falling in love, only for them to find out they’ve been scammed. Letting your guard down for just a second is all it takes."

Thankfully, most users recognize these scams as phishing expeditions (though a quarter of MSN users responding to a Quick Question say they've fallen victim to an e-mail scam), and look to our coverage for details or clarity. For instance, this spring a resident from Bethlehem, Pa., pondered the validity of a million-dollar reward but saw that an article from MSNBC exposed the scam.

The MSN homepage editors elevate news when they can, but not all news fits on the front page; furthermore it can rotate off in a matter of hours. It's better, therefore, to monitor developments with visits to the Tech & Gadgets pages or by visiting the special coverage provided by partners and content providers, including MSNBC, Newsweek and CNET (in fact, you can set up an RSS feed for MSNBC's security coverage).

Unfortunately, online scamming appears to be fertile ground. The Internet Crime Complaint Center, which partners the FBI and National White Collar Crime Center (and produces the Web site ic3.gov) reported an 11 percent decrease in the number of complaints in 2006, though fraudulent losses increased by more than $15 million, to $198 million.

Even the best and combined efforts of Interpol, the FBI and Microsoft, among other hactivists, won't eradicate the problem. Caution and common sense can help. And recently, Dave from Kansas City, Mo., submitted this idea to Inside MSN:

"I'd like to see a special section dedicated to fraud, corruption and scandals – more of a consumer-type related series that helps consumers from being taken advantage of. This could be anything, from retailers who are fraudulently overcharging consumers to automotive repair shops to utility companies ripping off consumers to just about anything. And it should be weekly, with actual complaints and photos and videos for people to see with several different ways to contact you to turn in a complaint. Both Internet and phone would be especially helpful. That's what I would like to see you guys specialize in: Once a week, a new case – and also be able to let us go back and see previous stories you've investigated, too. Now I'm referring more about consumer fraud-type cases, not your catch-a-predator stuff – that has nothing to do with what I'm referring to. Anyway, thanks for letting us send you ideas."

Good idea, Dave. While we can't act on every suggestion, please keep them coming. We'd much rather hear ideas than evidence of fraud, and we welcome them all. Because Microsoft is so big, it's helpful to direct your inquiries to the right forum. For instance:

Send your general comments about MSN.com using the box at top right.

For specific feedback on the homepage, click on the feedback link at the bottom of the page.

In every specific section (Health, Travel, etc.) the feedback link at the bottom of the page goes to the editors monitoring an inbox for that section.

Within Hotmail, use the "contact us" link.

Microsoft's Security Central provides assistance for home and office.