It’s no secret that Microsoft’s Windows 10 updates have been controversial as of late.
They’ve been filled with patches fixing previous updates’ bugs only to create more issues.
Now, there is a new problem Fake ransomware filled updates.
Trustwave’s SpiderLabs Security researchers identified a new malicious campaign.
That spoofs urgent update emails from Microsoft to infect user’s systems with the Cyborg ransomware.
How to Find a Fake update?
Targeted users first get an email with the subject line either ‘Install Latest Microsoft Windows Update now!’ or ‘Critical Microsoft Windows Update!’
And it makes more suspicious as Microsoft pushes Windows updates through its operating system and never through emails.
The email itself contains just one line of text which reads: “Please install the latest critical update from Microsoft attached to this email” as shown in the image.
While the fake update attachment has a “.jpg” file extension, it is actually not a picture but instead is an executable file.
This executable file is a malicious .NET download that the attackers have designed to deliver malware to the infected system.
How do you not get infected?
Like all advice, the best thing to do when you see dodgy emails requesting you install something is to delete them.
And make sure your password is strong if you suspect it’s been compromised.
Telltale signs of an email with malicious intent include misspellings, poor grammar, and incorrect branding.
While it’s not advisable to even open an email, if you check the sender’s email, they’re also likely to be a dead giveaway.
Official emails from Microsoft, or even Netflix like another recent scam, are not likely to use Gmail or include incorrect domains like “Microsoft.org”.
Keep an eye on these and remember to report anything to Scamwatch so they can monitor the situation.
To make safe your laptops and desktops, stay aware of the fake emails for Windows 10 updates.
For more updates, Stay connected with us.