Last week Microsoft launched its Windows 10 operating system, and within two days scammers started taking advantage of that by trying to plant malware on your computers.
If you have reserved but not yet received your upgrade to Windows 10, bear in mind that Microsoft is not installing these upgrades through emails.
Researchers at Cisco discovered ransomware being sent to unwitting people in emails claiming to offer Windows 10 upgrades.
At first glance the email might look superficially plausible (despite the usual writing errors) – the scammers made sure to use a color scheme similar to Microsoft's genuine one, and filled the email with small print copied from actual Microsoft messages. There's even an authentic-looking notice assuring you “This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.”
But if you download the attached file you'll see something else: a red-letter warning informing you that your files have been encrypted with CTB locker and cannot be read again unless you have the decryption key – and, unless you pay a ransom within 96 hours, that key will be destroyed and your files remain lost forever.
The best defense against ransomware is to not let it get on your computer in the first place. But just in case it does, you should regularly make backup copies of important files and store them independently, unconnected to your computer. And, as always, remember the anti-malware rule “Never download a file attachment or click on a link in an unsolicited email.”