Another new operating system upgrade, another opportunity for attackers to try to take over your computer.
Cisco has discovered a new email scam that preys upon users' desire to upgrade to Windows 10 for free. The email looks like it comes from Microsoft, with the firstname.lastname@example.org address, but it's really a spoofed address. If you weren't careful, you might think the email is legitimate, especially with the interesting footnote added by the scammers at the end of the email, which says that the email has been scanned by antivirus and looks like a clean file. Here's what the message looks like:
If you read carefully, though, you'll notice some characters aren't parsed correctly, which Cisco theorizes could be due to the audience the scammers are targeting (a demographic using a non-standard character set) or the character set used to create this email.
If a user downloads the zipped file linked to the email and runs the executable in the package, his or her computer will be taken over by CTB-Locker, a type of ransomware that forces users to pay to unlock their PC.
Thankfully, if you have anti-malware software installed, such as Malwarebytes, these kinds of malicious emails should be prevented.
Microsoft is taking its sweet time to upgrade all users to Windows 10 (it could be weeks before the upgrade is delivered to everyone), but when it does, the upgrade will come directly to your computer (check the taskbar for the notification)--never through email.
[h/t Tech Insider]