Windows users need to be cautious as a new scam targeting them with fake software updates has emerged. Cybercriminals are directing users to deceptive websites that mimic official Microsoft pages, prompting them to download what appears to be a legitimate Windows update. However, the downloaded file contains harmful malware designed to steal sensitive information like passwords and payment details.
According to cybersecurity experts at Malwarebytes, the scam employs websites that closely resemble Microsoft Support and Windows Update pages, utilizing Microsoft’s fonts, colors, and design to deceive users effectively. To avoid falling victim to this scheme, users are advised not to click on any urgent update links received via email, text, or notifications. Instead, they should manually check for updates by accessing Settings > Windows Update.
The downloaded file looks authentic, making it challenging for users and some security software to detect the malicious intent. While the current targets seem to be primarily in France, experts caution that the scam could quickly spread, urging all Windows users to exercise caution and refrain from downloading suspicious updates.
To enhance security, users should never trust update links from unsolicited sources like emails or social media. The safest method to install updates is through the official Windows update system by navigating to Start > Settings > Windows Update and selecting “Check for updates.”
Users should be skeptical of any website offering a Windows update as a separate download and are encouraged to enable automatic updates to minimize the risk of falling for fake update scams. Specifically, Windows 11 users should be vigilant against unexpected messages demanding urgent updates, emphasizing the importance of obtaining software solely through official Microsoft channels to fend off potential attacks.