Scam Alert: Microsoft Is Not Upgrading Computers To Windows 10 Through Email

This is what the scam email purporting to be from Microsoft looks like. Don't fall for it.

This is what the scam email purporting to be from Microsoft looks like. Don’t fall for it.

First and foremost: If you’re a Windows 7 or 8 user, Microsoft will not email you to upgrade to Windows 10. If you do get an email along those lines, it’s probably a scam and if you download what’s inside, bad guys could hold your computer’s files for ransom.

Cisco Security’s Talos researchers discovered a new scam email, involving what’s known as ransomware, going around that offers to upgrade computer users to Windows 10 for free. While Microsoft is upgrading Windows users for free, the company is only sending notifications to users via their desktops, and is not emailing anyone. If you see an email along those lines from someone purporting to be Microsoft, delete it immediately.

Those that do download the “upgrade” from the email will instead find their computers taken over by ne’er-do-wells who will demand to be paid, likely with Bitcoin, as it’s untraceable.

Example page of what users who download the attachment may see (via Talos)

Example page of what users who download the attachment may see (via Cisco)

A wait process for the real Windows 10 might make some users impatient, and therefore, vulnerable, Talos points out.

“This threat actor is impersonating Microsoft in an attempt to exploit their user base for monetary gain,” Talos’ report says. “The fact that users have to virtually wait in line to receive this update, makes them even more likely to fall victim to this campaign.”

Talos advises people to back up their data, and keep copies of those backups offline, where they’re safe from attackers. And again, if you receive an email that seems like maybe it could be from Microsoft offering a Windows 10 upgrade, just delete it.

Your Files Are Encrypted with a “Windows 10 Upgrade” [Cisco blog]