Just say no to bogus Messenger invitations

JScarrow - Windows Live Staff

Friday, April 16, 2010

Surprisingly, a bogus request will come from a friend

Just say no to bogus Messenger invitations - Credit Skippyjon

More about Messenger:

Topics:

Messenger New feature How-to guide Messenger How To Safety Virus

Windows Live Messenger is a powerful and fun communications tool for staying in touch with your friends, family and coworkers. It is a semi-enclosed environment where you can freely interact with the people you know and trust — the people in your network.

Unfortunately, over the last couple of months, we've been monitoring an increase in activity from spammers and malware distributors trying to work their way into our customers' networks of trusted Messenger contacts.

How Messenger spam works

First the spammer identifies potential targets. They do this by searching for public Spaces, by acquiring lists of valid Hotmail accounts, and by trading with other spammers. Second, the spammers set up a number of Windows Live ID accounts and use these accounts to send invitations to their potential targets.

A typical invitation looks like this:

If you accept a spammer's invitation, they can then download your list of friends to find new people to target and send messages to you and your friends trying to attract you to spam, phishing, or malware websites. We're working on delivering several technologies to help us reduce these bogus invitations.

Don't let spammers in the door

You can take steps to protect yourself too. One thing you can do is click the View Profile link in the invitation, to try to figure out if it is from a spammer or an old friend. Viewing the profile won't hurt you or your computer, and it won't add the spammer to your network, so it is always a good first step.

It's a lot like what you might do at home, if someone came knocking at your door unexpectedly. You'd probably look through the peep hole before deciding whether or not to let them in.

If you still don't recognise this person, and think they really might be a spammer, then don't answer the door — and let us know by clicking the check boxes to block them and report them as spammers.

Better safe than sorry

And don't worry about reporting abuse. Even if you accidentally report a long lost friend as a spammer, we won't shut down anyone's account based on one piece of feedback. In this world, it's better to be safe than sorry. You might also find these 10 tips for safe instant messaging useful.

As with all service abuse scenarios, this is another arms race. We know abusers are motivated and will attempt to react every time we add new protections, but we're motivated too. We're continually working to protect everyone on the network from these types of attacks.

If you think you may have already fallen victim to a phishing scam, check out these tools for removing malware and preventing further issues.

Original article available here

If you are receiving spam or worm links from your contacts through Messenger, click here.

SHARE:
MESSENGER
FACEBOOK
MORE
Post on Facebook
Blog on Spaces
Add to delicious
Add to Digg
Share on MySpace
?
Share, bookmark, and save your favourite ninemsn articles and features. Learn more.
[x]
Sorry, your configuration doesn't support this feature.
The minimum requirements are MSN Messenger 6.0 or higher and Internet Explorer 5.5 or higher.
Download Windows Live Messenger now.

Write a comment

Email: *
Your email will not be shared with any third parties or published with your comment.
Nickname: *
Location: *

Subject:
*
Comment:
*
Maximum characters 1000

* Indicates required field

Preview your content

Please note: All reviews and comments submitted are subject to moderation, NineMSN reserves the right to alter and / or remove any content that does not comply with usage guidelines.

User comments

Working ...

Hi. I have currently been having invitations from people I don't know. They are all saying the same thing in their messages all the time. They are from a website so is that still a hacking email?

I always get these people adding me and even though i press no i keep getting more and more requests.

So what am I meant to do if I get 50 requests at a time? It takes ages to cancel each one individually because you have to tick 2 boxes then OK for each one.

Why cant people use Blind carbon copy when they send out multiple emails ???.... every time an email gets sent on with all the email addresses on it, those addresses end up being sent to thousands of people, lots of people getting your friends and your own email addresses on the top of emails ARE NOT nice people and will spam and or HACK your and your friends account PLEASE use Bcc as your send option

i keep getting 5 different people adding me a day, and i don't want to deny them because they could be someone i know but most of the time its some stupid spam, that says, 'hi are you a guy? (other conversation questions) ..come see me on webcam my shows just about to start'. every time i block and report them it does nothing because they have my email and they will just add me with another email. it's driving me insane...

I have been bombarded with fake requests for months, I lost count how many, the first few I thought were friends, but after adding them and trying to talk to them I never got a reply, later one said to check out a website. Shortly after that a flood of them started asking to join, most names look ligit but many were posting a url as their comment, since then I block and report everyone, I am glad we can't abuse the report feature, I was getting worried I would lose my hotmail address cause of over reporting. We should have a IP and MAC log of each of our contacts, if their our friends then i don't see this as a privacy issue, an IP address can change but a mac usually doesnt unless they connect from another computer. More tools at our disposal the better I say. And I prefer a default option of Ignor or NO for adding people, I was typing a email to a friend when a popup said a new friend was on messenger but what ever keys I pressed accepted them, so default option of IGNOR or NO.

why the hell can Microsoft or msn just stop these from even appearing ! its really annoying that everytime I sign in I have to report or block about 20 invitations. I've had msn for about 7 years or more and I think something else has to be done!

Yep, I had a few invitations a few months ago and reported all of these as spam. I noticed on two of these after going to the profile, it had the same profile picture and all of them had "No Name" in the profile. That's how I knew it was from a spammer.

I have run into spammers that will add you, and always appear offline so you never suspect them. Then they use this account to detect activity (if you are online or not). If you are online, they will use a flaw in MSNP's multi user chat system to get someone else hooked up to you in a chat, so you never actually see the original person who is in your contacts list. They initiate a chat with the person the want to connect up to you, then invite the target, then leave. The issue is that MSNP never indicates to the target that they have been added to a chat, nor when someone leaves before the first message. This will also let you get around blocks.

This is kinda moving away from the topic but.....IS THERE A WAY TO BLOCK CHAIN MAIL? I have gotten so many, that I have created a new folder in my inbox just for them! I know there are some people like me that just HATE chain mail, but we can't really do anything about it, but just e-mail people and tell them not to send it to us, but then they send even more! I think it would be really helpful if some-one could create a software that just automatically deletes chain mail.

Working ...