REDMOND, Wash. — Microsoft Corp. can trot out numerous statistics showing that its record for computer security has improved, but the technology giant admits it still has a big social-engineering job to do to complete the loop.

Social engineering is the term often given to the strategy used by “Phishers” or other online scammers to trick people into surrendering passwords or other bits of personal information.

At a media briefing yesterday at its headquarters here, a Microsoft official said the key is looking at security in a holistic way.

“You have to beef up your computer’s defences and that will take care of certain problems,” said Jacqueline Beauchere of Microsoft’s Safety, Technology and Strategy Group.

“You have to have safe online habits and be informed as a consumer. There’s a piece of technology and a piece of street smarts — and you have to use them together.”

Beauchere said the company’s new Windows XP Spam Blocker product currently blocks 3.2 billion spams per day — the sheer numbers clearly indicating the volume of the problem.

But she said a global survey of 15,600 individuals in December that asked about Phishing — the sending of a fake e-mail that attempts to fool recipients into giving up sensitive personal data — found that awareness of this tactic was shockingly low.

In the U.S., 64 per cent were aware of it, but in the 17 other countries surveyed — Canada was not included — just 15 per cent knew were familiar with Phishing.

“These criminals seize on the fact they are going to excite you or get your attention saying things like accounts expiring or you’ve won a contest,” said Beauchere.

“Even clicking the link could install a key stroke logger and you’re done. Think first before you click.”

Microsoft’s strategy for security has a strong consumer education component. There are several information pages within the company’s website at www.microsoft.com

© The Vancouver Province 2005