A new fraudulent scheme has been identified targeting Microsoft Windows users by offering fake software updates. Cybercriminals are leading users to deceptive websites resembling official Microsoft pages to download what appears to be a legitimate Windows update. However, the file actually contains harmful malware that aims to steal sensitive information such as passwords, payment details, and account credentials.
According to cybersecurity experts at Malwarebytes, the scam involves websites designed to mimic Microsoft Support and Windows Update pages. These fake websites replicate Microsoft’s fonts, colors, layout, and utilize web addresses that appear authentic to deceive unsuspecting users.
To avoid falling victim to this scam, Malwarebytes advises users not to click on any email, text, or notification prompting them to install an urgent update. Instead, they should directly check for updates by going to Settings > Windows Update.
Furthermore, the downloaded file appears genuine, making it challenging for users and some security software to detect the malicious intent. While the current targets seem to be primarily in France, experts caution that the scam could spread rapidly, underscoring the importance of Windows users worldwide exercising caution and refraining from downloading suspicious updates.
To safeguard against such threats, users are advised to never trust update links received via email, text messages, or social media. The recommended approach is to install updates through Windows’ built-in update system. Users can accomplish this by navigating to Start, accessing Settings > Windows Update, and selecting “Check for updates.”
Any website offering a Windows update as a separate download should be viewed with suspicion, and enabling automatic updates is suggested by security experts to minimize the risk of falling prey to fraudulent update scams. Particularly for Windows 11 users, vigilance is crucial when encountering unexpected messages urging immediate updates, with official Microsoft channels being the most secure method for software installations.