After our report on crytoviruses, readers expressed frustration over how despite their best efforts to secure IT within their organisation, there is always that one chump who clicks on a special offer email on the computer they use for work and compromise the corporate network. Well now there's one more threat to worry about: Windows 10 upgrade ransomware emails.
With all the hype surrounding the launch of Microsoft's new operating system, a wave of computer users are aching to jump on-board. Millions downloaded the free upgrade at launch and many more are patiently waiting for their turn in the progressive rollout. Understandably, some people want to jump the queue and cybercriminals are trying to prey on the anticipation and excitement.
Cisco has warned of a cryptovirus threat that impersonates an official email from Microsoft, offering a free upgrade to Windows 10 along with an attachment. Once the attachment is opened, the cryptovirus takes the computer hostage, demanding payment within a timer ticking down to the deadline before all files are destroyed.
From Cisco Blog
"The fact that users have to virtually wait in line to receive this update, makes them even more likely to fall victim to this campaign," Cisco threat researcher, Nick Biasini, said in a company blog post.
For organisations that exercise absolute control over their end-user devices, that wouldn’t be a problem. However, many companies out there value providing employees with a degree of flexibility on their work devices, allowing them to manage their own installation of software or have bring-your-own-device (BYOD) policies. The problem is, cryptoviruses can infect multiple computers on the same network if even just one device is compromised, which can be extremely damaging to an organisation.
You can't guarantee that one security-challenged employee won't screw up and click on a cryptovirus email, but for now, you can let the people in your organisation know what to look out for in excruciating detail. The Windows 10 upgrade scam email looks like this:
From Cisco Blog
Despite using the blue colour scheme that Windows 10 typically uses, there are tell-tale signs that it's a fake. Several characters on the email don't show up properly and, ironically, there's a disclaimer at the bottom that claims the message has been scanned for viruses, which is becoming a common technique for cybercriminals.
You can see the attack in action in the video, originally released by Cisco, below:
As discussed in our previous cryptovirus article, backing up is your best friend. Backing up all crucial business data means even if your company is hit with a cryptovirus the damage would be minimised.