Microsoft is rolling out its free Windows 10 upgrade in phases, which means that some of those who are signed up to receive the new OS have to wait (your author included). It's only human nature that waiting breeds impatience, and some diabolically clever malware makers are taking advantage of the situation. According to a new threat analysis by Cisco, a new crop of scam emails masquerading as a Windows 10 upgrade notification is making the rounds, with an attached "Windows 10 installer" zip file that's actually a variant of the CTB-Locker cryptographic ransomware.
As is usually the case with these types of scams, the email itself contains a variety of malformed characters, questionable grammar, and amateurish-looking assurances that the message has passed a threat scan. If the user ignores all of those cues and downloads and installs the attached executable, the ransomware encrypts a wide swath of personal files and threatens the permanent loss of that information unless the victim pays off the attackers in time.
Cisco recommends that users maintain regular offline backups of their data to avoid falling victim to the attack. We recommend patience and a healthy dose of skepticism while you wait for your Windows 10 upgrade—and when dealing with any suspicious email.