Received a tempting email offering a free upgrade to Windows 10? - don't open it!
Ransomware disguised as an installer of the new operating system will hijack your computer by encrypting important files such as word documents and photos.
The ransomware resides in an email that claims to be from Microsoft which offers a free upgrade to Windows 10. The email contains a zip file attachment, which contains a program labelled as the Windows 10 installer.
If you receive an email offering a free upgrade to Windows 10, you should delete the email and not open it or any attachments.
Windows users interested in upgrading their computer can register via Microsoft's official website. Windows 10 updates will then be facilitated by a program on your computer, not via an email offer.
Windows users are warned to treat any email offering a free upgrade to Windows 10 with caution
Stay Smart Online the Australian Government's online safety and security website, has provided alerts about a number of ransomware attacks in the past, including the Cryptowall 3.0 attack in June 2015.
The current Windows 10 attack does not use exploits (a piece of software, chunk of data, or a sequence of commands that takes advantage of a bug or vulnerability in order to cause unintended or unanticipated behaviour to occur on computer software or hardware) and relies instead on the user being deceived into running the malware.
While there have been reports that files are recovered if the ransom is paid, this does not protect your computer against further attacks. In fact it is possible for the attacker to simply encrypt your files again. Stay Smart Online recommends not paying the ransom rather victims should seek immediate technical advice.
Staying Safe
• In order to protect yourself from this attack, be cautious when clicking any link containing free software or other offers.
• If your computer is compromised, seek immediate technical advice to remove the ransomware from all infected computers and recover the files from backup.
• If your computer has been compromised, you can report the incident to the Australian Cybercrime Online Reporting Network (ACORN).
ACORN provides information on how to recognise and avoid common forms of cybercrime, such as hacking, online scams, online fraud, identity theft, attacks on computer systems and illegal or prohibited content, as well as offering advice to those who have fallen victim.
