And Microsoft NEVER sends emails prompting you to update
Windows updates are essential for keeping your system safe, not just from bugs, but from hackers too. Sadly, Microsoft’s track record isn’t the best for stable updates. That said, even when the updates aren’t the best, you should still keep your computer up to date.
Be warned though, the updates can be exploited by hackers and a Windows update email currently doing the rounds is just such a thing – the file in the email is full of ransomware. Do NOT open the email or click on the link.
What Will It Do?
The email is spam and common sense should tell you that Microsoft doesn’t send emails asking you to update – the updates are notified by a system alert.
The link in the email is a nasty piece of malware, identified by Trustwave security researchers as the infamous “Cyborg” ransomware. Install it and it will lock up all your files, demanding a bitcoin ransom to unlock it all again.
Microsoft does release regular patches and updates so getting another alert might not seem out of place. Although Microsoft doesn’t use email as an alert system, the hackers are banking on a certain number of people not realizing and clicking the link anyway.
A closer look at the attached file reveals it to look like a .jpg image and that reveals everything. Further research by Bleeping Computer reveals that the scam is not so much of a threat, more of a dud – while disguising the file as a .jpg does hide what it does, it also renders the program next to useless. When the hackers disguised their program as a JPG file, the effectively broke it.
That said, if you do get an email, with a subject line along the lines of “Critical Microsoft Windows Update” or “Install Latest Microsoft Update Now”, do not open it. In fact, just delete it and forget about it.
Have you had one of these emails?