Windows 10 upgrade scam

In what appears to be a legitimate email from Microsoft (update@microsoft.com) the email entices the user to download the latest version of Windows 10 from a link from within the email.

In the event that the file is downloaded the user’s computer will run a malicious executable file (CBT-Locker), a type of ransomware which locks the infected computer prompting the user to pay to unlock their computer.

The following link will take you to an article with more information: http://blogs.cisco.com/security/talos/ctb-locker-win10%20

The NCSC advises using SPF record checking as part of your anti-spam filter software (see section 15.2.15 of the NZISM) to prevent emails like this coming through.

For any further assistance contact the NCSC at info@ncsc.govt.nz.