Windows 10 rollout gets hijacked by scammers with malicious upgrade email

Windows Secure

With millions of people expecting to upgrade to Windows 10 this week, fraudsters have taken advantage of an opportunity to scam some money. Many people have not received an official notification to upgrade, so when an email purporting to be from Microsoft tells them to run an attached file for the upgrade, some people are eager to do it.

To the unsuspecting eye, the email looks quite convincing; it uses the Microsoft color scheme, comes from an [email protected] address, has a disclaimer message and even includes a message saying that the email was scanned for viruses and passed.

But the email is, of course, fake, and the attached file is CTB-Locker, which is ransomware, a type of malware. Ransomware, in this case, encrypts files and photos on the PC, and the only way to “release” them is to pay the scammers a fee in Bitcoin or Tor. They even have the audacity to give the victim a 96-hour time limit to fork over the cash.

Ransomware message

There are some clues which might warn a potential victim against opening the attachment. The text in the email doesn’t render correctly, with non-standard characters spread throughout the message. Oddly, the message doesn’t even contain the Microsoft logo; perhaps the scammers were worried about getting sued by the company. However, the most important clue is to remember that Microsoft would never send out an email with an exe in a zip file attached. In fact, no professional company with any sense would do such a thing.

Non-standard characters
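The strongest clue above, an exe inside a zip attachment, is also one a mail filter can check automatically. The following is an added example, not part of the original article: it parses a raw message, identifies zip attachments by content, and lists executable members without extracting them. The extension list, file names and addresses are assumptions constructed for the example.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions Windows runs on double-click; an assumed, non-exhaustive list.
EXECUTABLE_EXTS = (".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs")

def executables_in_zip_attachments(raw_email: bytes) -> list:
    """Return (attachment name, member name) for every executable inside a zip part."""
    msg = message_from_bytes(raw_email, policy=policy.default)
    hits = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        payload = part.get_payload(decode=True) or b""
        # Decide by content, not by the filename or declared MIME type.
        if not zipfile.is_zipfile(io.BytesIO(payload)):
            continue
        attachment = part.get_filename() or "<unnamed>"
        try:
            with zipfile.ZipFile(io.BytesIO(payload)) as zf:
                # namelist() only reads the central directory; nothing is extracted.
                for member in zf.namelist():
                    # Strip trailing dots/spaces, which Windows ignores in file names.
                    if member.lower().rstrip(". ").endswith(EXECUTABLE_EXTS):
                        hits.append((attachment, member))
        except zipfile.BadZipFile:
            hits.append((attachment, "<unreadable zip>"))
    return hits

def build_sample(member: str = "installer.exe") -> bytes:
    """Constructed message: a zip attachment holding a harmless text stand-in."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member, b"constructed placeholder, not a real binary")
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Constructed sample"
    msg.set_content("Run the attached file to upgrade.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="octet-stream", filename="upgrade.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    for attachment, member in executables_in_zip_attachments(build_sample()):
        print(f"quarantine: {attachment} contains {member}")
```

A gateway would quarantine any message for which this returns a non-empty list; zips nested inside zips are not unpacked here and would need a recursive pass.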

To many readers, this may seem like an easy scam to spot, but Windows 10 is being downloaded by millions and there are bound to be more than a few “less technical” people in that number. Unfortunately, these scams are a feature of modern life that Microsoft is doing its best to tackle. However, the best ways for an individual to prevent them are to install antivirus software and to back up regularly.
