Home opinion-and-analysis Fuzzy Logic Cisco warns of fake Windows 10 upgrade email ransomware

If you get an email purporting to come from Microsoft with the subject line ‘Windows 10 Free Update’, be warned, it’s a ransomware encryption attack!

Emails promising to offer a free upgrade to Windows 10 from ‘Microsoft’, in a similar blue colour to the one Microsoft uses but with weird ‘A’ symbols in the body of the text are fake.

Coming from Thailand, the emails seem to have copied and pasted text from Microsoft’s site about the benefits of Windows 10.

However the weird ‘A’ symbols in the email are a dead giveaway that something is wrong, as is the fact the email comes with a .zip attachment called ‘Win10Installer.zip’.

However some people seem to be ignoring this and are getting comfort from the fake assertion in the text of the email that the email has been scanned by malware scanners and proclaimed safe.

However, once you open the attachment - you’ll see the message in the image above - that ‘your personal files are encrypted by CTB-Locker’.

The message states ‘Your documents, photos, databases and other important files have been encrypted with stronger encryption and unique key, generated for this computer’.

The threat continues, stating: ‘Private decryption key is stored on a secret Internet server and nobody can decrypt your files until you pay and obtain the private key’.

You are given 96 hours to pay up, otherwise you receive the threat that your files ‘will be permanently crypted (sic) and no one will be able to recover them.’

A ransom of hundreds of dollars which must first be converted to bitcoin is normally requested as the ransom to release your files back to their pre-encrypted state.

The news comes via Cisco, which is warning the world via its blog that ‘the ransomware is being delivered to users at a high rate.’

A video of the malware at work, courtesy of Cisco, can be seen here in this YouTube video:

The best defence against ransomware is to make multiple online and offline backups, so that even if some backups to hard disks connected to your computer doing continual backups are also encrypted, you have unencrypted, safe backups that you can recover from.

You also need to be hyper-aware of attachments from unknown and untrusted sources - even if they appear to come from friends or people you know.

These details can be faked and it can be safest to not open any attachment you aren’t expecting - and even then, think twice!

Naturally you should run up-to-date Internet security software, but sadly this is not a guarantee that you’ll be protected from ransomware.

Ransomware and viruses can also be downloaded from untrusted sources on the Internet or via sites delivering pirate media and software, so again, you need to be very careful about what you download from where.

Really, the best defence is multiple online and offline backups as well as hyper vigilance over email attachments - anything purporting to come from a government department for a fine, or for taxes, or for free Windows 10 upgrades or anything else should definitely be placed under suspicion.

If in doubt, don’t open any attachments you’re unsure of, don’t download anything you shouldn’t be downloading, and backup, backup and backup again, in online and offline forms!

Finally, iTWire Editor Stan Beer wrote an article yesterday about Melbourne-based IDO Lab and Cryptoinsure which can help SMEs and small businesses to protect and insure themselves against malware attack. 


With 50+ Speakers, 300+ senior data and analytics executives, over 3 exciting days you will indulge in all things data and analytics before leaving with strategic takeaways that will catapult you ahead on your journey

· CDAO Sydney is designed to bring together senior executives in data and analytics from progressive organisations
· Improve operations and services
· Future proof your organisation in this rapidly changing technological landscape
· CDAO Sydney 2-4 April 2019
· Don’t miss out! Register Today!
· Want to find out more? Download the Agenda



Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has the high potential to be exposed to risk.

It only takes one awry email to expose an accounts’ payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 Steps to Improve your Business Cyber Security’ you’ll learn some simple steps you should be taking to prevent devastating and malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you’ll learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips


Alex Zaharov-Reutt

One of Australia’s best-known technology journalists and consumer tech experts, Alex has appeared in his capacity as technology expert on all of Australia’s free-to-air and pay TV networks on all the major news and current affairs programs, on commercial and public radio, and technology, lifestyle and reality TV shows. Visit Alex at Twitter here.


Popular News




Sponsored News