Ransomware Coming Disguised as a Windows 10 Update

It’s common knowledge that cybercriminals work quickly; they pay close attention to the IT world and hunt for vulnerabilities to prey on, or new software to use as a disguise for their attacks.

ransomwareWith the release of Microsoft’s Windows 10 last month, malware developers and other scam artists were quick to use it to their advantage.

Cisco’s Talos Group discovered an email campaign that pretends to be from Microsoft, containing an attachment that promises to upgrade you to Windows 10. Of course, that’s not the case – the email is a fake, sent by cybercriminals to encrypt your files with a piece of ransomware called CTB-Locker, yet another variant of the Cryptolocker virus.

Be Cautious of Your Inbox

Ransomware is often disguised as an email from someone you’d trust, such as Microsoft. This threat comes from the email address update@microsoft.com and the subject is “Windows 10 Free Update”.

Remember that these criminals are good at what they do – there are no spelling errors and the email is designed to look as legitimate as possible. Much of the content, in fact, is copied directly from Microsoft’s website. Even when you go so far as to download the attachment, the logo on the installer icon will be the familiar Windows 10 logo.

You’ll only realize you’ve made a mistake once its too late – after installation, instead of getting the Windows 10 upgrade screen, you’ll find your files have been encrypted by CTB-Locker.

Always be cautious of what’s coming into your inbox – if you’re not expecting an email, especially one with attachments, then you should question the sender. Don’t look for quick, easy ways to upgrade to Windows 10 either.

For more information on how to stay protected and ensure you don’t fall victim to ransomware attacks, contact Delphi Systems on (403) 380-3343 or via email at info@delphisystems.ca.