Petronella Blog Archive

Visit our New Blog

Windows 10 Upgrade Scam

Blog Post

If you get an email with a link for a free Windows 10 upgrade, DO NOT CLICK IT.  Your computer will be held for ransom.

The scam prompts users to download a file that promises to upgrade their computer to Windows 10 for free.  Instead of getting the latest Microsoft operating system, however, users will find themselves unable to use their computer without paying an unknown cybercriminal.  The file installs a ransomware called CTB-Locker and displays a screen with the following message:

Your personal files are encrypted by CTB-Locker.

Your documents, photos, databases and other important files have been encrypted with strongest encryption and unique key, generated for this computer.

Private decryption key is stored on a secret Internet server and nobody can decrypt your files until you pay and obtain the private key.

You only have 96 hours to submit the payment.  If you do not send money within provided time, all your files will be permanently crypted and no one will be able to recover them.

Press 'View' to view the list of files that have been encrypted. Press 'Next' for the next page.

WARNING! DO NOT TRY TO GET RID OF THE PROGRAM YOURSELF. ANY ACTION TAKEN WILL RESULT IN DECRYPTION KEY BEING DESTROYED. YOU WILL LOSE YOUR FILES FOREVER. ONLY WAY TO KEEP YOUR FILES IS TO FOLLOW THE INSTRUCTION.

This is followed with a countdown so you'll know how much time you have left before your "crypted" files are deleted.  

This is obviously a very serious threat, and unless you have a very recent backup of all your important files, it's very important that you protect yourself from such an attack.  The best advice is some of the oldest advice: If you get an email from a source you don't know, don't open any attachments or click any links.

Another thing to note is that Microsoft actually is offering a free upgrade to some customers.  If you have Windows 7 or 8, you can upgrade for free.  However, Microsoft has been pushing these notices to the desktop and has not nor will they send emails about it.