Cybercriminals are targeting Windows users with a new scam involving fake software updates, urging caution while navigating emails and download links. These scammers are leading users to deceptive websites resembling official Microsoft pages, enticing them to download what appears to be a legitimate Windows update. However, the files actually contain harmful malware aimed at stealing sensitive information like passwords, payment details, and account credentials.
According to cybersecurity experts at Malwarebytes, the scam employs websites that mimic Microsoft Support and Windows Update, replicating Microsoft’s design elements and using convincing web addresses to deceive unsuspecting users. To avoid falling victim to this scam, users are advised not to click on any urgent update links received via email, text, or notifications but to verify updates directly through Settings > Windows Update.
The downloaded files are crafted to appear authentic, making them difficult to identify as malicious by users and some security tools. While the current targets of this scam seem to be primarily in France, experts caution that these attacks can quickly spread, underscoring the importance of vigilance for all Windows users before downloading any updates.
To safeguard against such threats, users should refrain from trusting update links from unverified sources like emails, texts, or social media. The recommended approach is to utilize Windows’ built-in update system by navigating to Start, accessing Settings > Windows Update, and selecting “Check for updates.” Any website offering a Windows update as a standalone download should be treated skeptically, and enabling automatic updates is suggested to minimize the risk of falling prey to fake update schemes.
In particular, Windows 11 users are urged to exercise extra caution when encountering unexpected urgent update messages, emphasizing the significance of exclusively installing software through official Microsoft channels as the most effective defense against these fraudulent activities.