Tech giant Cisco has warned that the threatening actor is impersonating Microsoft in order to hack users’ files and demand a ransom.

It comes as users are eagerly awaiting their turn to receive Microsoft’s latest upgrade, Windows 10. The trick email appears to come from the official company, using the address “update@microsoft.com”. You can imagine why someone might fall for this scam if they’re in a rush.

It all starts with an email that shows up in your inbox. If you only give it a quick glance, it looks innocent enough:

If you look carefully, you’ll notice mangled characters and some grammatical errors in the body of text. A closer look at the IP address reveals that the sender is actually based in Thailand.

The fake email also includes a sneaky disclaimer assuring the content is virus-free, similar to one a user might expect from Microsoft.

Users who download the file, extract and run the content are greeted with a message like this:

And boom! Just like that, you’ve lost access to all your precious files and have exactly four days to fork out your savings.

Keep in mind that a notification of your reserved copy of Windows 10 will automatically appear on your PC. It will NOT be distributed via email.

How can you defend yourself against ransomware?

● Back up your data frequently

● Store your backups offline (such as with an external hard drive) to prevent being targeted

● Be extra careful when a major technology upgrade has been recently launched, as this is often how adversaries target users

● Do not trust anything associated with a spam email

● Keep your antivirus software up to date

● Use common sense while online, especially when downloading new files.