New research shows rise in “deceptive downloads”

According to the latest cybersecurity report from Microsoft, “deceptive downloads” were the top threat for 95 percent of the 110 countries surveyed.

What are deceptive downloads?

Deceptive downloads are legitimate downloadable programs (usually free) such as software, games, or music that cybercriminals bundle with malicious items.

For example, you might receive a file in email or through social networking, but when you try to open it you see a message that says you don’t have the right software to open it. You do a search online and come across a free software download that claims it can help you open the file. You download that software, but you unknowingly might also be downloading malicious software (also known as “malware”) with it. This malware might have the ability to access personal information on your computer or use your computer for cybercrime.

It could be months or even years before you notice your system has malware.

How can I avoid deceptive downloads?

What should I do if I think I’ve been a victim of a deceptive download?

Do a scan with your antivirus software. If your computer is running Windows 8 or Windows 8.1, you can use the built-in Windows Defender to check for and to help you get rid of a virus or other malware.

If your computer is running Windows 7 or Windows Vista, do the following:

What is the Security Intelligence Report?

The Microsoft Security Intelligence Report (SIR) covers research on computer security, including software vulnerabilities, exploits, and malicious and potentially unwanted software. Volume 16 of the report was released today. If you want to learn more about deceptive downloads and other key findings, please visit Microsoft.com/SIR.

About the Author
Eve Blakemore

Group Manager, Trustworthy Computing

Eve Blakemore is a Group Manager for Trustworthy Computing who delivers consumer guidance around the latest trends in security and privacy. Eve joined Microsoft in 1998 and has worked in corporate and field roles with Microsoft Learning, US Public Sector, Read more »

Join the conversation

44 comments
  1. Anonymous

    Dear Sir! A Nightmare of" Angst "since yesterday afternoon.Tried to activate my Window 7 yesterday,after my Computer failed to start. Eventually after it was fixed my Computer started to play up. Stop start,stop startFinally i got through to Microsoft the 1800 number.Finally i actually got a Person to talk to and give me the activation Code.I thanked him and with in 5 Minutes the Microsoft " FAKE " Company rang on my Landline and told me that my Computer had a Virus they discovered and needed to get in to my Computer. I innocently gave permission to let them in my Computer. There the Mouse Arrow went Mental. Here,there,up and down and the Microsoft Guy told me to hang on awhile till the Technition fixed the Problem. Now Microsoft wanted my Credit Card Number for fixing it$16.70 I said OK i will post it .No,No he insisted of my Credit Card Numbers .me the Idiot actually gave him my Card Number.I got a funny feeling about this,though i just said ,dont worry about fixing the Rest of supposed viruses and hung up .I immediately turned my Computer of.I pulled my Modem Line out of the Computer and turned of my Modem.I told my Wife about this,that within 5 Minutes of hanging up on Microsoft "Real" the fake Microsoft rings me up and starts telling me about my activation code ECT.I presume 99% that the Guy in the Real Microft sells the information to those Croocks. To day i found out that they cashed in Goods for $268.00 and more goods have not leard yet with my Credit Card jet.Well the Credit card has been stopped but still wondering how these Guysgot my Details within 5Minutes   !!!!!!!!~

  2. Anonymous

    MIcrosoft will not just call and say " you have a virus" or instruct you to give them access to your computer. NEVER give your Credit card information or give out personal information to any one who contacts you via a phone call or via email.

    Also it's waste of time to try and debate with the person who called you. Just hang up.

    SlimLine ~ There many ways that the person could have got your information. I would find it hard to believe That a person that is gainfully employed with a company as great as Microsoft would risk loosing a great job and a career plus Microsoft certifications just to sell information to a low life scammer. Microsoft pays awesome wages. over the top wages mind you…..Plus countless other benefits

    I think you should look into what programs you have on your computer. You most defintley have a key-logger installed and it alerted  the scammer that you went to Microsoft.com. Thats how to are able to run the scam. by calling right after you have made contact your self. this leads you to believe that it is a legitimate call…

    Get a good firewall set first, so the bad virurs can not " talk" to its master, There are some awesome free firewalls, go to download.com and look for comodo firewall, Its great and it has an option to shut down all programs connections, or ask you every time a program wants to access the interent. You can also use the built in windows firewall, but chances are it has been compromised already.

  3. Anonymous

    I have received multiple calls from someone who mumbles something tech support, I assumed it was rogers,but figured it out rather quickly that it was not, it was a private company, they asked me to turn on my computer, it was on, but they claimed there was a problem that windows update could not fix, but to fix it all I needed to do was download some software which would have given them administrator rights and total control of my computer, they didn't know my ip address but would tell me in a few minutes, yeah once they had control, I told them I didn't have the time to explain it but I was not going to download this type of software from a private firm said goodbye and hung up they immediately called back several times until I told them to stop, I have received several more calls from the exact same person, and last time he said F.Off and hung up on me, I contacted Rogers thinking they might want to warn their users of this scam but they didn't seem to care, I mentioned it to my brother once and he said they had called him as well but he was not even running windows, he had a Mac, the later calls had them imply they were with Microsoft but never actually say it. Just thought I would let you know. I have never had a problem with a virus or spyware but I am cautious and I often use a free program called EULAlyzer from a company called Brightfort (formerly javacool software) that allows you to analyse end-user-license-agreements, don't just click agree, it scans it for you and then reports what it finds to you and you can submit the results if you want, pro version has auto-updates. AS most of us know these can be very long documents so most don't read them but you should, this program makes it  easy as it finds any references to 3rd parties for instance and shows you them. I run distributed computing so my system runs 24/7 and used to do a lot of Beta Testing of software. I am also a very pre-internet user but have to admit that the computer I bought in early 2010 with a rather expensive motherboard as I was running 3 5870's, the 5900's were just released it's an ASUS P6T6 WS Revolution but when Windows 8 was released it didn't pass the test run, some security problem with the motherboard. The technology seems to get smarter, hence smart phones but the users need to as well.

  4. Anonymous

    My English is not so good,that I can understand all. What´s about german language?

  5. Anonymous

    I participated in the following thread over a year ago, I think it was regarding this scam.  I still get emails whenever someone posts there. Please see:

    Microsoft Community

    logmein123 scam: received a call saying my antivirus was corrupted

    Don't believe anyone who calls and says they know anything about what's going on with your computer, just hang up on them. They are lying and scammers.

  6. Anonymous

    These same scammers are actually paying search engines to place their 1-800 numbers at the top of the search results. Be sure you are actually calling Microsoft when you a finding a number on the Internet. Same goes for any other software support number, especially antivirus companies. Scammers will answer the phone appropriately based on the 1-800 number you dialed. Most legitimate companies do not list 1-800 numbers but provide support via on line chat through their websites.

  7. Anonymous

    This information is very helpful to me but I have been fleesed out of about $700.00 by various companies that were supposed to fix my computer but left some of the viruses there, while taking my money.  I am a senior citizen on a limited check each month and not sure of what to do at this point.

  8. Anonymous

    I strongly advise our readers to look out for " Inbox Toolbar". It is an unwanted software that will install itself on your computer unknowingly,It will take cotrol of it, and you wont be able to uninstall it without an effective help!

  9. Anonymous

    I've been getting numerous phone calls lately from people with Indian-sounding accents.   They begin by saying that Microsoft has been getting error reports from my computer.   To one person I replied that I don't have a computer and that person immediately hung up on me.   But mostly I just hang up without engaging in any conversation, because I believe that this is just a scam.   Today I replied that I would call Microsoft myself and hung up.

    so what do you think?  scam?

  10. Anonymous

    Rule number one:  Use common sense.

    Rule number two:  Always refer back to rule number one.

    Also, to Paul D., thank you for mentioning EULAlyzer.  I'll look into it.  I'm always careful with EULAs, but I'd welcome a program like this, if it's good.

  11. Anonymous

    Im needing advise as to What Free Antivirus that is Safe and Secure – untl I decide on what is best Antivirus if payment required, what is thebest Free antivirus that can be downloaded safely and also best Paid one to get?, as Im needing continued protective -after a Computer Guy came out and was supposed to have fixed orignal problem/s with my 2002 version of Computer, Windows XP, and set me up with Bitdefender a couple of weeks ago – of which he charged me £70.00 to supposedly have fixed my Computer and removed any viruses, only to discover recently the Bitdefender anti virus he set me up with is now showing inactive – What can I and Should I do and advice needed on which is a safe free antivirus and paid one to get?, and seeing as both my Internet service provider has since stopped the extra £3.00 a month antivirus protection, and told they are, and have been searching, trying to find a more secure antivirus, and Microsoft also having stoppedtheir Antivirus security protection.

    And after a recent incident where 3 attempts were made to withdraw money from my Account – Korea, need to be 100% Safe and Secure with a Safe abd Secure antivirus of some kind.

  12. Anonymous

    I simply tell them I do not own a computer, they have all quit calling me!! EASY!!

  13. Anonymous

    Does anyone know anything about the software Webroot Secure Anywhere?  

  14. Anonymous

    My girl friend got a call this morning from a person calling himself Shawn Parker. Shawn said that he was from a Microsoft support facility and that there was a hole in her firewall. He said viruses had gotten into her computer and were slowing it down. He wanted her to give him access to her computer so he could "fix" the problem. She told him that she had to check with me first. He gave her his number to call him back [(321)332-0208 which by the way is supposedly in Orange County, FL]. I called him back, but a "supervisor" got on the phone and said that he would have to call me right back to speak with me. The number he called from [(767)275-9067] is supposedly on the island of Dominica in the West Indies. I provide these numbers so you know that these are scam numbers. He asked me to access the Administrative Events via the Start Menu>Computer (right click)>Manage>Event Viewer>Administrative Events (double click). As this shows all of the errors that ever occurred on the computer and as there are usually a number of them, it can cause a non-techy concern. He then had me use the Windows + R combo to access the Run window. I entered cmd.exe and hit enter to bring up the Command Window. Typing assoc and hitting Enter showed all the extensions and the files associated with them. At or near the bottom there is a line that contains the characters CLSID followed by what appears to be a serial number. He then reads the characters in the "serial number" to prove that he is really from Microsoft. The only thing is that the "serial number" string is neither computer nor operating system specific. It is the same on all of the computer and operating system combinations that I have access to. Be forwarned about this scam as it is easy for people unfamiliar with Microsoft practices to be fooled by it, even those who consider themselves to be knowledgeable about computers.

  15. Anonymous

    I got an email from usps .com saying to click for shipping label for package that wasn't delivered.  Because we were expecting a package, I clicked.  Got a couple major trogans.   it took MS support two days to get rid of.  All MS Defender could do is say it was infected and warn me over and over again.  It tried but failed to solve the problem.  It took several installed and later dumped malware fix it programs to rid it from my machine.  My sister got same email- I called her and said DONT OPEN!

    Notice that there is a space between the 's' and the dot.

  16. Anonymous

    For several years, I have used a totally free website (it is community driven) to check phone numbers that call me.  If that same phone number has been calling other people, you can read nationwide community comments about experiences other folks have about calls from the number you put into the search box.  It does not give results for private individuals, just nuisance calls.  It works for me…http://www.800notes.com

  17. Anonymous

    I received a call from a "Microsoft Technician" who I could hardly understand who said my computer was about to crash

    and he would show me how to fix it.  A second tech got on the line and we were disconnected.  A third female " tech

    called back and ran me thru the Run window and showed all the errors.  I was told my security certificate had expired. She flashed the prices on the screen for a 1, 2, and 3 year renewal.  I told her I'd think about it……

  18. Anonymous

    Today I tried to get on my computer. I was unable to get on my e-mail, instead a request to send my address to someone in the household and get instructions as to what to do. Which I did, but my wife being suspicious refused to let me go any farther. Now they are asking for my password on m computer. I am unable to find a telephone # for Microsoft so decided to write and find out if this is legitimate.Hope someone can help. Thanks

  19. Anonymous

    Security Updates listed, I update and install, thus there was a crazy Tepero Tunneling ———- or something that I have no idea what it does. I can't find it to delete or uninstall. Everyone online seems to think it is a virus, so how'd it get on my update list? Also, how do I get security for my XP? I understand it has been discontinued. I now have no security on one of my desktops, or probably both. Am I safe with Windows 7 on this laptop? I am a computer idiot, so make it easy.

  20. Anonymous

    It really is  a  scam.  Make large wages doing nothing.  I answer the call  suppose to make your computer move faster.

    I did nothing change everything on my computer but antivirus just went though took cotrol of my computer. After it would goway,i turn my computer on clip to go into internet their  it is "fix it" like i install it ion my computer. I had to make another purchase .  My advise just hang up you want be sorry.  

  21. Anonymous

    what is JELLY BEAN?  ( I Can't confirm if this is me, A DAEMON Connection mngr)  (Maybe its a ghost!) ….

  22. Anonymous

    Help please,I have to restart  my  Microsoft Security Centre Fire Wall every time that start up my computer.

  23. Anonymous

    what  is  malwarebytes ant  malware

  24. Anonymous

    I received a call on June 10, 2014 from a man with an East Asian accent saying that he saw that I had a problem downloading a Microsoft Update. I did indeed have a problem with a Microsoft download that day. He said: "Go to your computer and turn it on and I will fix the problem for you." I immediately hung up and shutdown my computer. BEWARE OF THIS SCAM!

  25. Anonymous

    If microsoft is interested in a lead as to who is perpetrating this scam my phone registered this telephone number (206) 317-1756.that called me with this scam. When I called it back a few days later "Thomas" answered. This was the same voice that called me several days before and said he was Valentin Martin from Microsoft and that they had detected a virus on my computer. At that time he already had control of my computer without any help or consent from me and ultimately wanted to sell me a program to clean up my computer. When I refused. he said F…U and I hung up. It took Norton half a day to clean up his mess.

  26. Anonymous

    received an email from email@ Microsoft.microsoft.com and pretty sure it had malicisous virus attached. just wanted to make someone aware of it

  27. Anonymous

    My internet explorer does not working well in the new Microsoft windows 8.1. I like to get the latest version. I am very thankful to the Microsoft.

  28. Anonymous

    Some of my contacts have called or written me to let me know that they received an email from my account asking them to download a file.  I already changed my password.  Is there anything else that  I should do?  Is my computer at risk?  Thank you.

  29. Anonymous

    I have had the same problem with phone calls.  Each time I ask for their name, companies name, and a number where I can call them back.  I received another one today.  They told me the name of the company is Nombisko and the person I spoke with, Maseaylor, gave me an incorrect return number.  Who do you report these too?

  30. Anonymous

    Do they always phone?  Or do they also do it through live chat? If so i think i just got scammed big time! How do i find out? Now feeling scared and a bit stupid!

  31. Anonymous

    I ran into the same problem but the number to call was stuck on the outside of the computer box when purhased!  They tried all of the same tactics to get my IP address !  For initial set up?  Get real.  Anyway, they called back twice.

  32. Anonymous

    Is "Slimware utilities" an honest Microsoft affiliate?

  33. Anonymous

    Hi i have been scammed in the same way last year?=& i now have problem when i browse through ebay pages i get loads of pop ups & adds i have AVG protection which has now informed i have 17 malware infections???=can any one advice what to do please regards mick.

  34. Anonymous

    how come there are no answers to any of these questions?

  35. Anonymous

    Please beware of a person calling from Azure Technical Department – they will tell you that your computer is interfering with their interface and they want you to sit at your computer an they will walk you through fixing it.  The male hung up on me when i asked for his info he asked me why i wanted it and i told him so that i could report it to the police

  36. Anonymous

    To ric: this is not a forum to ask questions; it is an area to post comments related to the article. If you want to ask questions, please locate the correct forum and thread on the Microsoft website. Do not do it here.

    However, to answer all of your questions above, YES! You all have been scammed and/or exposed to a trojan, virus, wormhole or keylogger. Get your computers offline and get them wiped clean of the viruses. Change all your passwords and security questions on all email accounts, bank accounts, social media accounts and other log-ins. It's common sense, but looks like it's necessary for me to specifically note:  use another computer that does not have a virus, wormhole, trojan or keylogger on it when changing your passwords and security questions or you'll just give all your new data to the cyber criminal.

    Microsoft recommends their antivirus and security cleaner. If you've downloaded something else, seek information from Microsoft or your computer technician for removal details. Also, remember that when you download a software program such as AVG or AdAware for free, you are giving up something in return: privacy, information and tracking, among just a few things.

    Beware. Be vigilant.

  37. Anonymous

    I just received a call from Microsoft security and insist that I had be hacked and wanted me to go to google and use "VALIDTOR" (a joined creation by Microsoft and Google) to check and I told the person I was busy and asked him for a number to call back – 0290378526 (Australia).  I believed I it is a scam.  

  38. Anonymous

    thats somebody runing my computer not the owner i let you know this

  39. Anonymous

    This from the account team at microsoft….I don't think it is legit ..

    .Microsoft account upgrade your email account To finish setting up this Microsoft account, we just need to make sure you did not loose any messages from your Microsoft Web Access.

    Upgrade your email

    If the upgrade link did not work click link below, click here to proceed. Thanks, The Microsoft account team account-security-noreply@account.microsoft.com Microsoft account team

  40. Anonymous

    Same thing happened to me but  I got scared and told them not to call anymore,

  41. Anonymous

    I received an e-mail asking for info regarding a refund. It is using the title Microsoft refund dept.

    Microsoft.refund_policy@outlook.com

    Is this ligit? or a scam?       

  42. Anonymous

    GOOD.

  43. Anonymous

    I thought I was stupid…..  Not anymore!!!!

  44. Anonymous

    Sir:

    EVERY STORY THAT I READ, HAS HAPPENED TO ME, TO THE POINT OF GETTING THE FBI AND A PRIVATE INVESTIGATOR IN MY COUNTY.. THEY JUST RESENTLY GOT ME AGAIN, I'M TRYING TO LEARN AS MUCH AS I CAN TO STOP THIS ,IT HAS BEEN A TERRIBLE EXPIREINCE.

Comments are closed.