Alert: Email Appearing to Be From Microsoft about Windows 10 Upgrade is Really Ransomware
For many Windows users, the fact that Microsoft is issuing Windows 10 incrementally came as a shock for those who patiently waited for its release date. While users wait, however, hackers are taking advantage of those who are less patient by creating a ransomware that disguises itself as a launcher for a Windows 10 download. So, while you sit and wait for your version of the latest OS, don’t fall prey to deals that seem too good to be true.
To a degree, this might partially be Microsoft’s fault for incrementally distributing the new OS. Even though a short wait isn’t all that bad, some just can’t wait to get their hands on Windows 10, and will believe anything they see on how to get it. This leads some users to receive the nasty CTB-Locker, a ransomware similar to Cryptolocker that encrypts the files stored locally on your computer. In order to decrypt the files and regain access to them, the user usually needs to dish out a pretty hefty chunk of change.
This particular ransomware can be contracted via an email scam. For those without an eye for detail, the spam can be difficult to spot.
While at first glance it might appear to be the real deal, look a little closer. The message is riddled with errors, despite the fact that the message appears to be from Microsoft, a reputable business in the software industry. This message takes advantage of the fact that users want their new operating system as soon as possible, and prompts them to download a .zip file. When the user downloads the file, the malware encrypts their PC, effectively locking it down and preventing access to important files until the ransom is paid.
To add to the troubles that come with this ransomware, these hackers have taken measures to ensure that their tracks are covered as conveniently as possible. By using the anonymity communications system Tor, and by demanding the ransom be submitted in Bitcoin, it’s difficult to track down and stop these criminals. According to ZDNet, ransomware like CTB-Locker is an increasingly popular issue in the cyber security world, extorting somewhere between $200 and $10,000 from each user per occurrence. In 2015 alone, it raked in roughly $18 million from over 1,000 users, making it a very potent tool to leech money from unsuspecting users.
If your organization is equipped with a good spam filter, you probably won’t receive this message, despite the fact that it’s heavily customized to fool users into believing it’s legitimate. Granted, a spear phishing attack can potentially weasel its way through a spam filter, so if a scammer really wants to trick you, they’ll find a way to do it.
If you really want to keep your files safe from this ransomware, the best approach is to stay cautious and keep an eye out for any emails that are either too good to be true, or downright sketchy. Never download attachments from unknown senders, and always keep your spam filter active. These measures will help to make sure your PC stays secure, and in turn, the rest of your network will remain secure. Give White Mountain IT Services a call at 603-889-0800 for more information on how you can keep scammers and hackers from infiltrating your systems.