The Windows 7 upgrade scam

Who I am
Miguel Moro Vallina
@miguelmorovallina
Author and references

2


A fraud, specifically one phishing attack, has targeted employees of many companies who still use it as an operating system on their computers Windows 7. Through a fake email, some criminals would be hoarding access credentials, putting the security of sensitive data and information at risk.




The scam acts in a subtle way: in the text, in fact, employees are invited to update the operating system of your computer a Windows 10. Once clicked on the link inside, the user is redirected to a fake Outlook login page where to enter the credentials, thus leaving them at the mercy of cyber criminals. To leverage the good faith of users is precisely the invitation itself that does not sound completely false: Windows 7 has reached the end of its life cycle, what in English is called EOL (end of life), last January 14 and Microsoft itself has repeatedly urged companies to quickly provide for a general upgrade.

Windows 7 update scam: what the email looks like

How to know if you are under phishing attack? Just look carefully at thee-mail. The first signal comes from the subject of the message: "Re: Microsoft Windows Upgrade". According to some researchers, the presence of the "Re:", that is a reply, would instill in the reader the need to respond quickly to the communication because a previous message on the subject could have been lost or escaped attention.

Another signal is the text: often the content, where the link that leads straight into the mouth of the criminals is contained, appears with an irregular formatting, such as incorrect spaces or words with capital initials where not required. In short, all small flags that can put you on alert, especially if you think that the sending should have an official character. Even the sender should arouse some suspicion: the mail domain is not that of your company but, in most cases, external or simply a series of alphanumeric characters without any sense.


Windows 7 Update Scam: What Happens If You Click

If by chance, distraction or good faith you find yourself clicking on the link you are quickly redirected to one landing page which replicates, or at least tries, the one-page login screen Outlook Web App. At the center of it, a form awaits the insertion of the victim's username and password.



Also in this case, having a little eye can help: although the page is accompanied by a valid SSL certificate, the layout is particularly inaccurate. The similarities with the original, in fact, do not go beyond the presence of the two data boxes; everything else appears not only different from the structure of the original but also patchy and absolutely not credible. Enter your credentials, that's it: you are redirected to the Microsoft page relating to the conclusion of support for Windows 7 and you can say goodbye to your identifiers.


The Windows 7 upgrade scam


Audio Video The Windows 7 upgrade scam
add a comment of The Windows 7 upgrade scam
Comment sent successfully! We will review it in the next few hours.