Avoiding Windows 10 ransomware

Sophos warns of fake installer executables distributed via email

Emails offering an upgrade to Windows 10 are the latest hook used by cyber criminals to install ransomware.

Sophos senior technology consultant Sean Richmond said the email have a Zip archive attached which contains an executable purporting to be the Windows 10 downloader.

However, Microsoft is not distributing the free upgrade to Windows 10 via email.

“The zip file with a program inside of it should have been bypassed by most people. There is an element of education still needed by organisations to encourage their staff to say 'We and Microsoft won’t be distributing programs by email’,” Richmond said.

“One of the simplest things that people can do is block all executables in emails, including ones inside of archive files. Most gateway products will enable you to block executables; you just need to turn it on.”

Richmond warned that once a computer is encrypted by the ransomware, the user should consider the data gone.

“You either restore from backups or pay up,” he said.

Cyber criminals are finding rich pickings in Australia with ransomware variants according to security experts.

Late last year, the Websense ThreatSeeker network detected 1.05 million instances of ransomware CryptoLocker attacks globally, with 60 per cent of attacks detected in Australia.

The latest targeted email pretended to come from the Australian Federal Police.

Earlier this year the AFP issued a warning about an email scam circulating within Australia and internationally that requests payment for a bogus traffic infringement notice.

Follow Hamish Barwick on Twitter: @HamishBarwick

Follow Computerworld Australia on Twitter: @ComputerworldAU, or take part in the Computerworld conversation on LinkedIn: Computerworld Australia

Join the TechWorld newsletter!

Error: Please check your email address.

Tags Windows 10ransomware

More about Australian Federal PoliceFederal PoliceMicrosoftRichmondSophosTwitterWebsense

Show Comments
[]