A recent scam targeting users of Microsoft’s Windows operating system has raised concerns about fake software updates. Attackers are luring Windows users to deceptive websites resembling official Microsoft pages, prompting them to download what appears to be a legitimate Windows update. However, the downloaded file contains malware aimed at stealing sensitive information such as passwords, payment details, and account credentials.
According to cybersecurity researchers at Malwarebytes, the scam involves websites designed to mimic Microsoft Support and Windows Update, closely replicating Microsoft’s branding and web design to deceive unsuspecting users. To avoid falling victim to this scheme, Malwarebytes advised users not to click on links in emails, texts, or notifications prompting urgent updates, but instead to verify updates directly through the Windows Update section in Settings.
Because the downloaded file convincingly appears genuine, users can overlook potential security risks. While the current focus of these scams seems to be in France, experts caution that the campaigns can quickly spread, emphasizing the need for all Windows users to exercise caution and refrain from downloading suspicious updates.
To safeguard against such threats, users are encouraged to disregard update links received via email, text messages, or social media, and instead rely on Windows’ built-in update system by navigating to Settings and selecting Windows Update to check for updates. Any separate download offering a Windows update should be treated with suspicion, and enabling automatic updates is advised to mitigate the risk of falling prey to fake update scams.
Windows 11 users are specifically urged to be vigilant against unexpected messages demanding immediate updates, with official Microsoft channels remaining the most secure method for software installations.
