This story from the UK Guardian heralds good news for operators unwilling to fork out big bucks for computer security:

Microsoft Corp said Thursday it plans to release a beta test of its free computer security program next week and is on track to launch a finished product in the next couple of months.

The program, Microsoft Security Essentials, is designed to find and kill malicious software that can steal passwords and other personal information or turn PCs into spam distribution hubs.

Once the PC security software is installed, Microsoft said it will download updated lists of identified malware daily, but will keep a low profile unless it detects dangerous software.

Theresa Burch, a director on the security software team, said the program tries to spot malicious software even if it’s not on the list of known corrupters. When it encounters something suspicious, it checks with a Microsoft server for updated intelligence before allowing the program to run, a process Burch said is almost instantaneous.

Microsoft also maintains a database of trusted software sources, so the tool won’t accidentally block items like Google Inc.’s Web browser toolbar, she said.

Security Essentials will compete with rival subscription programs from McAfee Inc. and Symantec Corp., seller of the notorious Nortins Utilities, and with several other free packages. But Burch said Microsoft isn’t going after those company’s customers –?? instead, the goal is to improve security overall by getting people who don’t have current antivirus software to protect their PCs better.

In fact, it’s important that Microsoft’s competitors stay in business, Burch said.

"If there was only one solution out there addressing threats, all the malicious software developers out there would have a very easy target," she said.

The security software will come as a free download, but it won’t be part of Microsoft’s Windows 7 operating system, which goes on sale in October. Bundling the two could be fodder for antitrust complaints.

After the final version launches, Microsoft will discontinue its existing security program, the more robust $50 Windows Live OneCare.

Need to find out more about anti virus computer security? Contact John here or call/sms 0414 955 743

Although they include typos, many small business owners who advertise on Google AdWords are wondering if this phishing emails are real.

I decided to show you three examples, so you can see for yourself three different ways scammers target their victims. As you look at these, imagine that you are a Google AdWords advertiser.

~~~ Start Phishing Scam Email #1 ~~~

From: adwords-noreply@google.com
Subject: Your AdWords Google Account is stoped
Date: March 25, 2008 8:06:15 AM EDT

This message was sent from a notification-only email address that does not accept incoming email. Please do not reply to this message.

Dear Google AdWords Customer,

Please sign in to your account at http://adwords.google.com/select/login , and update your billing information. [This link actually goes to a scam site in China.]

Your account will be reactivated as soon as you update your payment information.

Your ads will show immediately if you decide to pay for clicks via credit or debit card. If you decide to pay by direct debit, we may need to receive your signed debit authorization before your ads start running, depending on your location.

If you choose bank transfer, your ads will show as soon as we receive your first payment.

We look forward to providing you with the most effective advertising available.

Sincerely,

The Google AdWords Team

~~~ End Phishing Scam Email #1 ~~~

~~~ Start Phishing Scam Email #2 ~~~

From: reactivation@google.com
Subject: The Google AdWords Team request you to update your
billing information
Date: March 28, 2008 5:03:21 PM EDT

Dear Google AdWords Customer,

Your ads have stopped running because we were unable to process your billing information. We will reactivate you account after you update your billing information. In order to reactivate your account, please sign it to your account at http://adwordsgoogle.com/select/login, and update your billing information. Once your account is reactivated and your billing information has been processed, any your ads and campaigns can begin running immediately on Google. [This link also goes to a scam site in China.]

You will not be asked to submit your billing information every time you create a new ad or campaign. If your payment has been declined and you’d like to resubmit the same credit card information, you may also do so by clicking the Retry card button on your Billing Preferences page. After updating your credit card information (regardless of whether or not you use a different card), it can take up to 24 hours before your ads start running again. You also have the option of providing a backup credit card to help ensure that your ads run continuously in the case that your primary payment method fails.

Sincerely,

The Google AdWords Team

~~~ End Phishing Scam Email #2 ~~~

~~~ Start Phishing Scam Email #3 ~~~

From: reactivation@google.com
Subject: Our programme terms have changed.
Date: April 4, 2008 2:57:16 PM EDT

Dear AdWords Customer,

As part of our ongoing efforts to improve the Google AdWords programme for advertisers and users, we have updated our Terms and Conditions.

Please review the new Terms and Conditions below, then indicate your acceptance.

Yes, I accept the Terms and Conditions. [This includes a link to another phishing website.]

This message was sent from a notification-only email address that does not accept incoming email. Please do not reply to this message.

~~~ End Phishing Scam Email #3 ~~~

As I said, these are all phishing scams. Although they many look real, Google rarely makes typos, and will not take you to a bogus website in China.

If you have a question about any email like this that you receive, don’t click on the link in the email. Instead, simply log into your account the way you normally do. If there is really a problem with your billing or other information, you’ll see it when you log into your account.

So, the term applies to scamsters who are ‘phishing’ for your private information, to steal your credit card or bank info — or worse, your identity.

There are two new variants: A banking scam and one that involves your credit card.

The first a bank scam which came to light for the first time this week. Here’s a sample. (Note: spelling errors are in actual emails.)

Subject: YOUR ONLINE BANKING ACCOUNT

Dear Online Banking Consumer,

This email was sent by your Online Banking center to verify your e-mail address. You must complete this process by entering required iformation like your Online Banking login and password. This is done for your protection — becaurse some of our members no longer have access to their email addresses and we must verify it. Please, complete the following information:

Bank Routing/ABA Number (9 digits):
First 6 digits of your Banking Card:
Online Banking Login ID (CIN or CAN):

Your Online Banking Password (or PIN):

* * *

The second one is almost funny — except that innocent people are getting taken:

You credit card has been charged for $234.65

Important notice

We have just charged your credit card for money laundry service in amount of $234.65 (because you are either child po… graphy webmaster or deal with dirty money, which require us to layndry them and then send to your checking account).

If you feel this transaction was made by our mistake, please press “No.”

If you confirm this transaction, please press “Yes” and fill in the form below.

Enter your credit card number here:

Enter your credit card expiration date:
* * *

What do you do if you get an email like this?

Nothing. Delete the email! It’s a scam.

Legitimate banks and organizations may send you offers and coupons via email, but they do NOT ask for your personal and banking information via email.

If you have any question about the legitimacy of an email, go to the official website directly, or call or email the company. Never click on the link in the email.

REMEMBER: Never, ever, ever respond to emails that ask for personal info.

This scam is usually initiated with a telephone call and the target is either an individual or a small business owner. Here’s the small business owner version:

The caller offers your business a customised website for 30 days free of charge. After the introductory period, a monthly fee of $20-$30 will apply.

Sometimes victims are told that they will be automatically billed after the 30 days is up. Other times victims are told that they won’t be billed unless they authorise the continuation of the service.

Regardless of what is said during the call, victims are automatically being billed for this ’service’ whether they authorise it or not.

This scam would be slightly less distasteful if you in fact received something of value for your money. However, the websites that are constructed are usually poorly done, full of errors and misspellings . . . and essentially useless to your business.

To guard against this scam you should:

1. Be aware that you have no obligation to pay for services you haven’t specifically ordered. If you receive a bill for a service you didn’t order, do not pay it.
2. Keep a close eye on your phone bills. This is where the charges for this type of scam may show up. Review your bills as soon as they are received and question any charges that you haven’t ordered or authorized.
3. Ask for documentation any time you purchase anything by any method (online, over the phone, in person or via fax).
4. Designate one or two staff as responsible for purchasing and restrict purchasing to these individuals.
5. Alert your staff about scams of this type and how to deal with scammers on the telephone.