windows-10-2
The Windows 10
rollout has been relatively smooth, but there are plenty of users who
never received the Get Windows 10 app and are still waiting in line for
their turn to update. Unfortunately, scammers have seen how desperate
Windows users are for the update, which is why it should come as no
surprise that a phishing campaign has been discovered.
According to Cisco’s Talos Group, scammers impersonating Microsoft
have begun sending out emails informing individuals that they are
eligible to upgrade to Windows 10. The email appears to come from an
official Microsoft address, update@microsoft.com, adding to its
authenticity, but don’t be fooled — Microsoft isn’t going to send you an
email with Windows 10 as the attachment.
There
are several blatantly obvious signs in the body of the email as
well, most notably characters which don’t parse properly. You can be
certain that any official emails from Microsoft will use characters that
display correctly on your device of choice.
If
you were to ignore all of these signs, download the .zip file, extract
the software and run the executable anyway, you would immediately find
your computer locked by a ransomware variant called CTB-Locker. Here’s
what it looks like:
“The
threat of ransomware will continue to grow until adversaries find a
more effective method of monetizing the machines they compromise,” says
the Talos Group. “As a defense, users are encouraged to backup their
data in accordance with best practices. These backups should be stored
offline to prevent them from being targeted by attackers.”
See a video of someone installing the ransomware at this link.
Related stories
This article was originally published on BGR.com
0 comments:
Post a Comment