Most readers of this site will recognize a malicious email when they see one, but they are a source of danger to less tech-savvy individuals. One such campaign claims to be from Microsoft, advising people to update Windows, but doing so will install ransomware on your computer.
Falling in the trap
Researchers from Trustwave discovered spam emails which come with an ‘Install Latest Microsoft Windows Update now!’ or ‘Critical Microsoft Windows Update!’ subject line. The emails contain just one sentence, and the first word begins with two capital letters, making it appear even less legitimate. See the email below:
Recipients are asked to click an attachment to download the ‘update.’ According to Trustwaves report the file will appear to be a .jpg extension, but in reality it’s actually an executable .NET downloader that delivers malware to the infected system.
As with other ransomware, your files will then be encrypted when you download the file. Victims will reportedly find a ransom note named “Cyborg_DECRYPT.txt” on their desktop, which demands $500 to decrypt the files.
After paying ransom money & word of advice
Trustwave reports that if the victim pays the ransom money, the attacker may (or may not) return the encryption key.
A word of caution for the uninitiated: In reality, all operating system developers send update notification directly on users desktop via pop-ups or system notification. Microsoft never sends any of its updates via emails.
The best way to stay secured is not to trust any email that asks you to install any Windows update. Avoid opening those emails and downloading the attachments they contain.