topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Thursday March 28, 2024, 2:46 pm
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Beware: A Dangerous Windows 10 Ransomware Scam Is Spreading Online  (Read 11341 times)

x16wda

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 888
  • what am I doing in this handbasket?
    • View Profile
    • Read more about this member.
    • Donate to Member
Just in time for the new week, we have this from fosshub.

We have bets in at work on which client will report this to us first after honkling their file server... (honkling = a whole letter worse than just honking a box...)

According to the Cisco’s security team, they have found a new scamming campaign that spreads CTB-Locker ransomware. This trouble comes in the form of a fake Microsoft email, telling Windows users that their Windows 10 download is ready.

These messages in Windows 10 ransomware scam mimic the emails sent by Microsoft, along with some text mistakes and changes. However, scammers have managed to spoof the address of origin as [email protected]. To make the messages look more authentic, attackers are using the same color scheme used by Microsoft to fool the users. Thus, these emails look more legitimate.
vi vi vi - editor of the beast

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,646
    • View Profile
    • Donate to Member
Re: Beware: A Dangerous Windows 10 Ransomware Scam Is Spreading Online
« Reply #1 on: August 03, 2015, 06:24 AM »
Well that didn't take long.

TaoPhoenix

  • Supporting Member
  • Joined in 2011
  • **
  • Posts: 4,642
    • View Profile
    • Donate to Member
Re: Beware: A Dangerous Windows 10 Ransomware Scam Is Spreading Online
« Reply #2 on: August 03, 2015, 09:24 AM »

Anyone want to summarize a "magic bullet" method of separating the fake ones from the real ones?

I could see myself falling for that with a spoofed address because my best main method (besides look and feel) of telling phishing is hovering over the address that says things like "Microsoft" (from werwfdsf.thai) or something.


KynloStephen66515

  • Animated Giffer in Chief
  • Honorary Member
  • Joined in 2010
  • **
  • Posts: 3,741
    • View Profile
    • Donate to Member
Re: Beware: A Dangerous Windows 10 Ransomware Scam Is Spreading Online
« Reply #3 on: August 03, 2015, 09:31 AM »
Just in time for the new week, we have this from fosshub.

We have bets in at work on which client will report this to us first after honkling their file server... (honkling = a whole letter worse than just honking a box...)

According to the Cisco’s security team, they have found a new scamming campaign that spreads CTB-Locker ransomware. This trouble comes in the form of a fake Microsoft email, telling Windows users that their Windows 10 download is ready.

These messages in Windows 10 ransomware scam mimic the emails sent by Microsoft, along with some text mistakes and changes. However, scammers have managed to spoof the address of origin as [email protected]. To make the messages look more authentic, attackers are using the same color scheme used by Microsoft to fool the users. Thus, these emails look more legitimate.

Ahh gotta love misleading information - It has sweet-FA to do with Windows 10 - It's just randomware...it will cripple you on ANY OS...In fact, it doesn't even target people ON Windows 10 (Unless people are stupid enough to click it) as it is designed for those who have NOT updated yet...so...if anything....it has NOTHING to do with Windows 10 other than it's trying to grab people who would be upgrading to it...

Facts...they are not hard to understand.

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,646
    • View Profile
    • Donate to Member
Re: Beware: A Dangerous Windows 10 Ransomware Scam Is Spreading Online
« Reply #4 on: August 03, 2015, 11:05 AM »
Anyone want to summarize a "magic bullet" method of separating the fake ones from the real ones?

The fake one has a .zip attachment.

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,646
    • View Profile
    • Donate to Member
Re: Beware: A Dangerous Windows 10 Ransomware Scam Is Spreading Online
« Reply #5 on: August 03, 2015, 11:08 AM »
It has sweet-FA to do with Windows 10 - It's just randomware...

While basically true, the reality is it's leveraging the confusion surrounding the new-fangled Windows 10 upgrade delivery system to get people to launch it.

KynloStephen66515

  • Animated Giffer in Chief
  • Honorary Member
  • Joined in 2010
  • **
  • Posts: 3,741
    • View Profile
    • Donate to Member
Re: Beware: A Dangerous Windows 10 Ransomware Scam Is Spreading Online
« Reply #6 on: August 03, 2015, 11:58 AM »
It has sweet-FA to do with Windows 10 - It's just randomware...

While basically true, the reality is it's leveraging the confusion surrounding the new-fangled Windows 10 upgrade delivery system to get people to launch it.

Yeah, but what strikes me, is everybody (news outlets included) are reporting it, as if it is a problem WITH Windows 10 itself, rather than really making it obvious (without reading in depth) that it is an e-mail scam.  For most of the internet (sigh) the truth is simple...they will read a headline on Facebook, or a news website, and see stuff like "A Dangerous Windows 10 Ransomware Scam Is Spreading Online" which instantly makes people jump to the conclusion that Windows 10 is evil and will cause you to lose all your files.  It's like saying "GTA V files found to contain terrorist training materials"...when the true story is really that some torrent purporting to be GTA V, contains those files...And although yes, the headline is theoretically true...it gives the complete wrong indication as to wtf is really going on.  It really should read something like "E-Mail scam targets those who haven't upgraded to Windows 10" (Or something along those lines)...but sadly...the world we live in requires the people who write these stories, to make them as obscure as possible, with a clickbaity style header, making people want to jump to conclusions and share the story based on nothing but guess work :(

CWuestefeld

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,009
    • View Profile
    • Donate to Member
Re: Beware: A Dangerous Windows 10 Ransomware Scam Is Spreading Online
« Reply #7 on: August 03, 2015, 02:26 PM »
Anyone want to summarize a "magic bullet" method of separating the fake ones from the real ones?

Check for spelling and grammar errors. I have never seen a phishing or scam email that didn't have such errors. But a company like MS is going to have everybody from their marketing department to their lawyers proofreading anything they send, it's not going to have such errors.

It seems that the folks who engage in scams like this are the kind of people who think they can get by without having to do their own work, and so they never did their own studying back in school, either.

KynloStephen66515

  • Animated Giffer in Chief
  • Honorary Member
  • Joined in 2010
  • **
  • Posts: 3,741
    • View Profile
    • Donate to Member
Re: Beware: A Dangerous Windows 10 Ransomware Scam Is Spreading Online
« Reply #8 on: August 03, 2015, 02:35 PM »
Anyone want to summarize a "magic bullet" method of separating the fake ones from the real ones?

Check for spelling and grammar errors. I have never seen a phishing or scam email that didn't have such errors. But a company like MS is going to have everybody from their marketing department to their lawyers proofreading anything they send, it's not going to have such errors.

It seems that the folks who engage in scams like this are the kind of people who think they can get by without having to do their own work, and so they never did their own studying back in school, either.

Well, tbh, when it comes to this...As far as I am aware, they don't e-mail you shit to click to download - They just download it to your PC if you pre-ordered via the annoying popup, then it will give you an annoying popup to tell you it's done doing whatever it did.

It does specifically say, in that stupid popup, that when it is ready, that window will let you know - absolutely nothing about "We will e-mail you" - So...if people didn't read that, they may as well go ahead and collect that prize for being the #1,000,000 visitor, help that Saudi Prince get access to his funds by sending him $1000, buy some of that tasty Viagra, partake in some penis enlargement pills and play the Nigerian Lottery.

tomos

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 11,959
    • View Profile
    • Donate to Member
Re: Beware: A Dangerous Windows 10 Ransomware Scam Is Spreading Online
« Reply #9 on: August 03, 2015, 03:05 PM »
Well, tbh, when it comes to this...As far as I am aware, they don't e-mail you shit to click to download - They just download it to your PC if you pre-ordered via the annoying popup, then it will give you an annoying popup to tell you it's done doing whatever it did.

It does specifically say, in that stupid popup, that when it is ready, that window will let you know - absolutely nothing about "We will e-mail you"

dont be too quick of the mark there Stephen - I got asked when I 'reserved' my copy, if I wanted email notification.
Tom

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,646
    • View Profile
    • Donate to Member
Re: Beware: A Dangerous Windows 10 Ransomware Scam Is Spreading Online
« Reply #10 on: August 03, 2015, 04:49 PM »
Well, tbh, when it comes to this...As far as I am aware, they don't e-mail you shit to click to download - They just download it to your PC if you pre-ordered via the annoying popup, then it will give you an annoying popup to tell you it's done doing whatever it did.

It does specifically say, in that stupid popup, that when it is ready, that window will let you know - absolutely nothing about "We will e-mail you"

dont be too quick of the mark there Stephen - I got asked when I 'reserved' my copy, if I wanted email notification.

Bingo! :Thmbsup: Combine an old scam with a new confusion and the fun ensues promptly at click here. Sure, I get where he's coming from...but folks need warned to think before they click.

KynloStephen66515

  • Animated Giffer in Chief
  • Honorary Member
  • Joined in 2010
  • **
  • Posts: 3,741
    • View Profile
    • Donate to Member
Re: Beware: A Dangerous Windows 10 Ransomware Scam Is Spreading Online
« Reply #11 on: August 03, 2015, 04:59 PM »
Well, tbh, when it comes to this...As far as I am aware, they don't e-mail you shit to click to download - They just download it to your PC if you pre-ordered via the annoying popup, then it will give you an annoying popup to tell you it's done doing whatever it did.

It does specifically say, in that stupid popup, that when it is ready, that window will let you know - absolutely nothing about "We will e-mail you"

dont be too quick of the mark there Stephen - I got asked when I 'reserved' my copy, if I wanted email notification.

Bingo! :Thmbsup: Combine an old scam with a new confusion and the fun ensues promptly at click here. Sure, I get where he's coming from...but folks need warned to think before they click.

That could be said for any e-mail you ever get, from anybody...ever  ;D

x16wda

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 888
  • what am I doing in this handbasket?
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: Beware: A Dangerous Windows 10 Ransomware Scam Is Spreading Online
« Reply #12 on: August 03, 2015, 06:49 PM »
Part of the delight is that Microsoft never mentioned (at least in anything I saw) just what this notification would look like. I even did a quick search, and couldn't find a picture. I went ahead and pulled down all 5 of the ISOs I need and have worked from there, but just got the notification on my main box. And in case you haven't yet seen it, the "Windows 10 Upgrade is Ready Notification" looks like.... this:

Screenshot - 8_3_2015 , 6_30_39 PM.pngBeware: A Dangerous Windows 10 Ransomware Scam Is Spreading Online
vi vi vi - editor of the beast

KynloStephen66515

  • Animated Giffer in Chief
  • Honorary Member
  • Joined in 2010
  • **
  • Posts: 3,741
    • View Profile
    • Donate to Member
Re: Beware: A Dangerous Windows 10 Ransomware Scam Is Spreading Online
« Reply #13 on: August 03, 2015, 07:20 PM »
Part of the delight is that Microsoft never mentioned (at least in anything I saw) just what this notification would look like. I even did a quick search, and couldn't find a picture. I went ahead and pulled down all 5 of the ISOs I need and have worked from there, but just got the notification on my main box. And in case you haven't yet seen it, the "Windows 10 Upgrade is Ready Notification" looks like.... this:
 (see attachment in previous post)

I was/am far too impatient...so I downloaded it on release day before the notification came up (My Mrs's laptop still ain't had a notification...and I'm far too lazy to manually upgrade hers lol)

4wd

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 5,641
    • View Profile
    • Donate to Member
Re: Beware: A Dangerous Windows 10 Ransomware Scam Is Spreading Online
« Reply #14 on: August 04, 2015, 05:51 AM »
(My Mrs's laptop still ain't had a notification...and I'm far too lazy to manually upgrade hers lol)

That's not laziness, that's your latent self-preservation instinct awakening.

Trust me, I know :P

Rule #1: Never, ever, touch the wife's computer until you have been given permission ... and even then, don't.