With Windows 10 free upgrade everywhere in the news and Windows users eager to upgrade their systems for free to Windows 10, hackers too are exploiting Microsoft’s offer and are sending bogus spam mails with malicious attachments as if its the Free upgrade offer.
Cisco’s security team has discovered some such emails and warned the users. The spam mail make it appears to have come from Microsoft and asks users to download a file to upgrade to Windows 10 for free. But the file is actually a ransomware.
“This threat actor is impersonating Microsoft in an attempt to exploit their user base for monetary gain. The fact that users have to virtually wait in line to receive this update, makes them even more likely to fall victim to this campaign.”
The email message above is a sample of the type of messages that users are being presented with. (pic courtesy : Cisco blog)
The From address, the adversaries are spoofing the email to look like it is coming directly from Microsoft (update <at> microsoft.com). But a quick look at the email header reveals that the message actually originated from IP address from Thailand.
They are also using the same color scheme.
Please note that Microsoft is providing the users with screen notification and they have to upgrade via Windows update like any other updates and not via any emails.So users are warned not to click such mails and be extra cautious if such mails pass security scan in emails.
For full details please check Cisco blog.