Science & Tech
Evan Bartlett
Aug 02, 2015
Some Microsoft users have been receiving emails in the past week with the promising subject header "Windows 10 Free Upgrade".
Great, you may think. Microsoft started rolling out Windows 10 on 29 July but users of old operating systems (Windows 7 or 8.1) have to reserve their place for an upgrade, with the company explaining that waiting times will vary by device type or mobile carrier.
The email that people have been receiving appears to contain an installment package so they can use Windows 10 right away. But there's just one problem: it contains a piece of malicious "ransomware".
First discovered by Nick Biasini, a "threat researcher" at the Talos Group, the "ransomware" encrypts your files, thus making them inaccessible to you, and gives you 96 hours to make a payment to have them decrypted.
The fact that users have to virtually wait in line to receive this update makes them even more likely to fall victim to this campaign.
- Nick Biasini
In a blog on the Cisco website, Biasini notes the email sender (update@microsoft.com), colour scheme and disclaimers at the bottom of the page all make the email appear legitimate.
It also bears a message which states that the email has passed through a mail scanner that picks up viruses and other malicious content - this has been put in by the scammers.
However, a further look at the email sender reveals it originates from an IP address in Thailand and errors in the body copy also act as a red flag.
Users should back-up all their files offline so they cannot be attacked by malicious software and check the Microsoft website for details on how to upgrade to Windows 10.
Top 100
The Conversation (0)
x