Windows 10 is making an unwanted name for itself in the scam department after malicious actors are using two different tactics in efforts to obtain information from unsuspecting users.
There are two primary vectors where an scammer/attacker could use the enthusiasm and discussions around Windows 10 to entice you to let your guard down.
Tech Support Calls
One scam that has been active for quite a while is the phone call that comes into your home claiming to be some type of tech support and many times they will use Microsoft’s name to try and add some legitimacy to the call.
They then commence to tell you that an alert was received on their end of an issue relating to your computer and that they can help resolve that. If you give them access to your machine, typically using Team Viewer software, they then show you errors on your system in order to convince you of the problem. Once you grant them control they could plant a piece of malware on your system and block your security software from detecting it.
Another thing they might tey is to indicate they can help you get Windows 10 installed on your system so you then grant them control and you end up with malicious software instead of Windows 10.
They may at anytime in this process attempt to collect fees for their assistance as well once they have your trust.
A variation: Cold calls attempting to help you reserve the Windows 10 upgrade for a fee or getting your permission to send an email that would contain malicious code/attachments.
Windows 10 Upgrade Email
Microsoft has sent out official emails to anyone who successfully reserved a copy of Windows 10 to let them know there place in line is safe and that they will soon be able to start the upgrade. It is believed millions of people were able to reserve the upgrade and are waiting for the download/upgrade process to begin.
The scammers will take advantage of this anticipation by sending a malicious file attached to what appears to be an very official looking email and tell the recipient that opening it will begin the upgrade and/or download process.
That begins the attack on your system.
A variation: Instead of attaching a malicious file to the email they may send you an embedded link indicating that site will help you begin the upgrade process.
The best cure for both of these is to know that Microsoft will not contact you over the phone about the Windows 10 Upgrade nor will they email you any type of executable file that will begin the process.
Currently the only legitimate methods to get Windows 10 onto your system is through the Get Windows 10 app, the small white Windows flag icon in the lower right corner of your computer screen, or to use the installation media creation tools Microsoft released last week.
Alternatively, you can contact me and I will assist you remotely to start the upgrade process.
Be vigilant and keep your security software up to date to provide yourself maximum protection against these and other malicious/phishing attacks.