10/08/2015
Fake Windows 10 upgrade email installs ransomware!!
Summary:
• Rogue email being sent out which appears to be from Microsoft offering a free upgrade to Windows 10.
• Email includes an attachment, which when opened will encrypt all your important files.
• Microsoft will not send out any files via email to upgrade your PC.
Details:
Ransomware is being distributed in an email that claims to be from Microsoft. The email includes a file attachment which, when opened, contains a program labelled as the Windows 10 installer. Running this program will unleash the ransomware on your system which will encrypt all your important files, including documents and photos. More details on this ransomware can be found here.
If you receive an email which is offering a free upgrade to Windows 10, we advise you to delete the email and do not open any attachments. Microsoft will not send out any files via email to upgrade your PC. If you are interested in upgrading your PC to Windows 10, you can register for this via the Windows 10 upgrade icon which will be located at the bottom right corner of your desktop near the date and time. More information on the free Windows 10 upgrade can be found on the official Microsoft webpage or if you would like a technician to assist with the upgrade, please give us a call.
Business users should not attempt any upgrades without the assistance of their IT departments and are advised to ensure any critical data is backed up in case an infection does occur.
Encrypted files are not able to be decrypted in most cases, so your best defence is to regularly back up your data. There are reports that files are recovered if the ransom is paid, however this will not protect your computer against any further attacks. For this reason, we do not recommend that the ransom is paid.
How to protect yourself:
• Backup your important files
• Install and update anti-virus software on your PC
• Always be cautious when clicking any link containing free software or offers
• If your PC is compromised, seek technical assistance to remove the ransom/malware infection and recover files from your backup
• Report the incident to the Australian Cybercrime Online Reporting Network (ACORN)
