Cybercriminals are targeting Microsoft Windows users with a new scam involving fake software updates. These attackers are luring users to deceptive websites that mimic official Microsoft pages, prompting them to download what appears to be a legitimate Windows update. However, the downloaded file actually contains malicious software aimed at stealing sensitive information like passwords and payment details.
According to cybersecurity experts at Malwarebytes, the scam utilizes websites designed to look like Microsoft Support and Windows Update pages, complete with Microsoft’s branding elements and convincing web addresses. Users are advised to be cautious and avoid clicking on any suspicious update links received via email, text messages, or social media.
To enhance security, users are encouraged to only install updates through the official Windows Update system by accessing Settings and selecting “Check for updates.” Additionally, it is recommended to enable automatic updates and refrain from downloading Windows updates from separate websites to mitigate the risk of falling victim to fake update scams.
Particularly, Windows 11 users should be vigilant against unexpected messages demanding urgent updates and should strictly rely on official Microsoft channels for software installations to safeguard against such cyber threats.