Scammers are using fake Windows updates to steal users' files
What are fake Windows updates?
Fake Windows updates are quite a sophisticated scam. To start, the scammer establishes a connection to your PC. Once the scammer has access, they send a fake Windows Update screen. This screen looks like the blue "Working on updates" screen you see when installing Windows Update.
While scammers show you this fake Windows update, they work in the background and steal your files. Once the fake update is complete, the scammer has stolen your personal information. They then hold your data for ransom and threaten to release it to the dark web unless you pay.
How do scammers show you fake Windows updates?
Luckily, you don't have to worry about hackers randomly accessing your PC and carrying out this attack. An attacker needs an attack vector that grants higher permissions to your PC. Only then will they be able to execute the scam properly.
According to a report by security company Sophos, scammers can initiate their attacks through any remote desktop software, but they are often detected using AnyDesk. AnyDesk itself is not malware; This is an application that allows people to remotely connect from one PC to another.
Scammers start asking users on the platform to establish connections with them at random. In the case of AnyDesk, this involves entering the 10-digit number associated with each user. Sophos noted that the scammers appear to be randomly drawing valid numbers and are not targeting specific high-status users.
If the victim accepts the scammer's connection request, they will gain access to the victim's PC. From here, the bad guy will upload a file named "Microsoft Windows Update" to the target computer and run that file. This will display a full-screen animation that simulates the Windows update progress screen while also disabling the keyboard to prevent user intervention.
While users wait for their fake update to complete, the scammer works through the system and steals any important information. This includes accessing the victim's OneDrive account associated with their username.
After the bad guys get the target's files onto the server, they will leave a ransomware note asking the victim to pay within a week. Otherwise, bad guys will release private files to the dark web.
How to stop Windows Update scams
While this tactic may seem especially insidious, the good news is that it can be easily countered once you learn about its existence and how it works.
First, scammers cannot perform this attack on any PC they like. They need remote access software to gain the necessary permissions to carry out the scam. Therefore, you don't need to worry if you don't have any remote access applications installed on your PC.
If using remote access software, never accept random requests to access your PC. Remember, these apps don't just let someone take control of your mouse; As seen in the example above, they can also transfer files from your PC to your PC.
It's also worth noting that scammers use remote access software to scam people. That way, if someone claims they need access to your PC to fix an error, you can detect the scam remotely and deny them access to your PC.
In the worst case scenario, you let them access your PC and then see a fake Windows update screen. If this happens, you can disconnect your PC from the Internet, either by removing the Ethernet cable on the back or turning off the router if you're using Wi-Fi. Doing so will cut the connection between you and the scammer, denying them access to your files.
While the fake Windows update scam may seem scary, you can avoid it by keeping a clear head and thinking carefully before accepting requests to access your PC. If you do that, the only Windows update you need to worry about is the one that actually restarts your PC at an inopportune moment.
You should read it
- Warning: There appears an email notification of Windows updates from a fake Microsoft that contains cyber ransomware
- What is Fake IP? Guide to the simplest Fake IP for Chrome
- Detailed instructions on how to Fake IP on Windows 10
- Fake Voice 7.0 - Download Fake Voice 7.0 here
- Windows 10 updates will be divided into C, B, and D levels
- Spreading hacking tools helps Windows 7 still get updates even after Microsoft has stopped supporting
- How to fake GPS on the phone
- The best way to fake IP computer, best
- Top 7 most easily counterfeited foods today
- 4 virus fake troll friends extremely happy
- Steps to uninstall updates on Windows 10 and Windows 11
- How to fix 100% disk error on Windows 10 Creator Updates
Maybe you are interested
Google Essentials Launches: An Easy Solution to Access Google Services on Windows
How to fix wifi error of not being able to access the network and the causes
Summary of 12 ways to quickly access the Settings application on Windows 10
Unexpectedly, Conan's 5 accessories turned out to be real?
Warning: TryCloudflare is being abused to distribute remote access malware
How to fix 'No Internet Access' error on Ethernet connection in Windows