'Windows 10 Free Update' Fake Message

The Fake 'Windows 10 Free Update' message is a recent e-mail spam campaign that uses fraudulent messages and file attachments to lure victims into compromising their systems with a file encryptor Trojan. Due to the inherent difficulty in recovering files that are encrypted by this threat, malware experts especially recommend preventative security steps for keeping your PC safe from the Fake 'Windows 10 Free Update' message payloads. PCs whose mailboxes have acquired a Fake 'Windows 10 Free Update' message should receive scans for the presence of any possible threats, and you should delete the actual messages without any further interaction.

The Surprise File Locker Inside Your New Windows OS

Threat programmers often display an interest in new software releases, both for adapting to the changing landscape of built-in vulnerabilities, as well as for finding new hooks for their social engineering hoaxes. One of the most eminent of these themes is the release of a new version of Windows, which sometimes sees accompanying threat campaigns like the current Fake 'Windows 10 Free Update' message.

The Fake 'Windows 10 Free Update' message is sent to arbitrary victims via e-mail, using a format based on standard notifications for Microsoft's Windows. The messages include legitimate-seeming 'From' fields, disclaimers and internal content supposedly offering a free download of Windows 10. The Fake 'Windows 10 Free Update' message also includes a fraudulent security message claiming that security scans for the Fake 'Windows 10 Free Update' message's file attachment have taken place. The latter message also embeds a link to a legitimate (but unaffiliated) e-mail security service.

Instead of upgrading their operating systems, any PC users opening the file attachment are compromised by a variant of CTB-Locker, AKA Critoni Ransomware. Like past versions, this version of CTB-Locker demands that its victims pay a Bitcoin ransom to regain access to their files, which it modifies with an unbreakable encryption algorithm to make them unreadable. Graphical and text-based instructions deliver the ransom demands, along with instructions on delivering payments, albeit at no certainty of reciprocal services from the people behind the Fake 'Windows 10 Free Update' message.

Keeping Your Files from Falling out Through a Fake Windows Message

Despite having many details of semi-authentic presentation, the Fake 'Windows 10 Free Update' message does show other traits of being threatening. These attributes may include its non-matching header information, along with partially garbled text that could be symptoms of an inappropriate character set conversion. These signs and others indicate that the Fake 'Windows 10 Free Update' message campaign most likely is being orchestrated by threat actors outside of the US. In addition to the inherent dubiousness of carrying a file attachment, the Fake 'Windows 10 Free Update' message also may cue suspicion for its file using a ZIP archive format. ZIP and other file compression formats are well-known for being one means by which third parties may try to sidestep some basic threat-detecting services.

Malware experts haven't seen samples of the Fake 'Windows 10 Free Update' message carrying embedded, threatening content that could trigger itself without any interactions from its victims. As a result, deleting the Fake 'Windows 10 Free Update' message immediately should keep your PC (and its files) safe. PC users who are concerned about protecting their data should, as usual, look into remote backup solutions that can greatly hinder most file encryption attacks. At least one PC security institution has noted that current rates of delivery for this campaign are 'high.'