Fake “Windows 10 Free Upgrade” emails deliver ransomware

“It didn’t take long for malware peddlers to take advantage of the huge interest users have shown into Windows 10.

The newest version of the popular software was released globally last Wednesday, and was downloaded more than 14 million times in 24 hours.

The latest confirmed information puts that number at 67 million – not a wonder, as users of genuine copies of eligible editions of Windows 7 and Windows 8.1 can download the new version for free.

But, the great commotion following its release has also been a boon for cyber crooks.

On Firday, Cisco’s Talos Group has spotted an email campaign impersonating Microsoft, offering potential victims an attachment that is supposedly a Windows 10 installer (click on the screenshot to enlarge it):

Even though the email contains several characters that dont parse properly, the fact that the email seems to come from a legitimate-looking email address (update@microsoft.com), uses a color scheme and disclaimer similar to the one used by Microsoft, and contains an indication that the message attachment has been scanned by an antivirus solution, will likely fool many into downloading and running the attached file.

Those who do will be saddled with a variant of the CTB-Locker crypto-ransomware, and will be asked to pay a considerable sum to get their encrypted files decrypted.

This is not the first time that cyber crooks have used Windows 10 as a lure. Earlier this year, they have been pushing unwanted applications onto users under the guise of (bogus) Windows 10 “activators”.”