Skip to main content

Be wary of fake Windows 10 upgrade emails

If you're still waiting for your free update to Windows 10, be careful, as there's serious malware circulating around the net.

As usual, cyber crooks are fast to react to a trending topic and will try to take advantage of it to place malware on unsuspecting victims.

This time, they are tapping into the Windows 10 upgrade trend and are trying to sneak malicious code to people who think they’re getting their copy of the latest Microsoft OS.

According to a report by Cisco’s security group Talos, someone is “impersonating Microsoft in an attempt to exploit their user base for monetary gain”.

“The fact that users have to virtually wait in line to receive this update, makes them even more likely to fall victim to this campaign”, it adds.

The gig is simple – someone is sending people emails which seem to be, by all means, sent by Microsoft itself. The email, designed and formatted to replicate real emails coming from Microsoft, even down to using the same colour scheme as the software giant, will offer the unsuspecting victim a download link.

The email subject is "Windows 10 Free Update". The 'from' field features the email address, but according to Talos, it is coming from Thailand.

But the software downloaded is not Windows 10, but ransomware instead, which will see your files locked and if you don’t pay, you will lose them all.

The particular ransomware variant in this case is CTB-locker and like all ransomware it encrypts the files on your computer and demands a ransom be paid in a given period of time or risk losing the files forever. In this case the window for payment is just 96 hours which is much shorter than most ransomware demands.

The criminals are asking for payment in Bitcoin and are using the Tor network to remain anonymous.