SoylentNews is people

posted by martyb on Friday November 22 2019, @12:47AM
from the when-is-it-EVER-safe-to-click-an-e-mail-link? dept.

Arthur T Knackerbracket has found the following story:

With the end of support for Windows 7 coming in January, many users are looking to update to Windows 10 to continue getting security updates and support from Microsoft. According to a Tuesday report from security firm Trustwave, attackers are well aware of this and are targeting Microsoft users with fake Windows update emails that will infect computers with ransomware -- an especially sinister type of malware that locks up valuable data on your computer, and demands that you pay a ransom to release it or your data will be destroyed.

The spammers are sending some Windows users emails with subject lines "Install Latest Microsoft Windows Update now!" or "Critical Microsoft Windows Update!" The emails, which claim to be from Microsoft, include one sentence in the message body, which starts with two capital letters, Trustwave found. They ask recipients to click an attachment to download the "latest critical update."

The attachment has a .jpg file extension, but is actually a malicious .NET downloader, which will deliver malware to your machine. The ransomware, called bitcoingenerator.exe, encrypts the recipient's files, and leaves a ransom note titled "Cyborg_DECRYPT.txt" on their desktop, asking for $500 in bitcoin to unlock the files.

[...] "This is a very common type of phishing attack -- where the attacker tries to convince the target to open a malicious attachment," Karl Sigler, threat intelligence manager of Trustwave SpiderLabs, said in an email. "Windows users should understand that Microsoft will never send patches via email, but rather use their internal update utility embedded in every current Windows operating system. Users should always be wary of any unsolicited emails, especially those that present urgency to open attachments or click on links."
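
The disguise described in the story, an executable carrying a .jpg extension, can be flagged at the mail gateway by comparing each attachment's claimed extension with its leading bytes. The following is an added example, not part of the original story or of Trustwave's report; the function names and the sample messages are constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Subject lines quoted in the story, lower-cased for comparison.
LURE_SUBJECTS = {
    "install latest microsoft windows update now!",
    "critical microsoft windows update!",
}
JPEG_MAGIC = b"\xff\xd8\xff"  # JPEG start-of-image marker


def looks_like_pe(data):
    """True if data has a DOS 'MZ' header whose e_lfanew field points at 'PE\\0\\0'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    pe_offset = int.from_bytes(data[0x3C:0x40], "little")
    return data[pe_offset:pe_offset + 4] == b"PE\0\0"


def scan_message(raw):
    """Return a list of findings for one raw RFC 5322 message (bytes)."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    if (msg["Subject"] or "").strip().lower() in LURE_SUBJECTS:
        findings.append("subject matches reported lure")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if not name.endswith((".jpg", ".jpeg")):
            continue
        data = part.get_payload(decode=True) or b""
        if looks_like_pe(data):
            findings.append(name + ": image extension, PE executable content")
        elif not data.startswith(JPEG_MAGIC):
            findings.append(name + ": image extension, content is not JPEG")
    return findings


def build_message(subject, filename, payload):
    """Constructed sample input: a message with a single attachment."""
    msg = EmailMessage()
    msg["Subject"] = subject
    msg.set_content("Constructed sample body.")
    msg.add_attachment(payload, maintype="image", subtype="jpeg", filename=filename)
    return msg.as_bytes()


# Constructed PE-shaped header (not a working program): 'MZ', e_lfanew=0x40, 'PE\0\0'.
FAKE_PE = b"MZ" + b"\0" * 0x3A + (0x40).to_bytes(4, "little") + b"PE\0\0" + b"\0" * 20
FAKE_JPEG = JPEG_MAGIC + b"\xe0" + b"\0" * 16  # constructed JPEG-like prefix

if __name__ == "__main__":
    print(scan_message(build_message("Critical Microsoft Windows Update!", "update.jpg", FAKE_PE)))
    print(scan_message(build_message("Holiday photos", "beach.jpg", FAKE_JPEG)))
```

The check reads only the file header, so it treats the extension and the declared MIME type as untrusted labels and reports when the content contradicts them.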


  • (Score: 2) by Gaaark on Friday November 22 2019, @01:13AM (3 children)

    by Gaaark (41) on Friday November 22 2019, @01:13AM (#923250) Journal

    "Windows Users, Beware: Windows Updates Could Lock Up Your PC, Or Worse"

    --
    --- Please remind me if I haven't been civil to you: I'm channeling MDC. I have always been here. ---Gaaark 2.0 --
    • (Score: 0) by Anonymous Coward on Friday November 22 2019, @01:34AM (1 child)

      by Anonymous Coward on Friday November 22 2019, @01:34AM (#923265)

      Yeah hasn't there been like a dozen Windows bricking incidents at this point?

    • (Score: 2) by driverless on Sunday November 24 2019, @10:55AM

      by driverless (4770) on Sunday November 24 2019, @10:55AM (#924142)

      I've updated Windows 7 to Ubuntu for most of the friends and family I do tech support for. It's only locked one PC so far, an ancient Dell laptop which I think is just Too Old (you can log on but then just get a blank screen).

  • (Score: 0) by Anonymous Coward on Friday November 22 2019, @01:14AM (11 children)

    by Anonymous Coward on Friday November 22 2019, @01:14AM (#923251)

    Hehehe, that's like euphemism for losers, eh.

    Let's not forget:

    Poetterkraut is worse than Gates. "Worse than Gates," that's a remarkable feat.

    Another "brilliant" German.

    • (Score: 4, Interesting) by Azuma Hazuki on Friday November 22 2019, @01:32AM (10 children)

      by Azuma Hazuki (5086) on Friday November 22 2019, @01:32AM (#923262) Journal

      Luckily, FreeBSD is a thing, as is OpenBSD, NetBSD, OpenIndiana, and a slew of init-respecting Linux distros. I'm back on Gentoo after finally acquiring a machine with some decent CPU grunt under the hood, but last I checked Slackware, Artix, Devuan, Void, and several others are alive and well.

      --
      I am "that girl" your mother warned you about...
      • (Score: 2) by RS3 on Friday November 22 2019, @01:44AM (9 children)

        by RS3 (6367) on Friday November 22 2019, @01:44AM (#923268)

        Thank you for the inspiration- I'll have to try some of them. I'm a long-time Slacky, but for me, package management is the weakest aspect of most distros. How do you feel about package management in those distros?

        I've been running Alpine on a few servers and I love it, except for package management... I don't need GUI, but something with categories would be good.

        • (Score: 4, Informative) by coolgopher on Friday November 22 2019, @01:54AM (3 children)

          by coolgopher (1157) on Friday November 22 2019, @01:54AM (#923272)

          Having used Linux distros with either of rpm and deb package management, I find myself preferring the deb using distros. I used to be a FreeBSD user, and still would be if I didn't need to use Linux for work. The FreeBSD ports tree was great. Anything you wanted, configured the way you wanted, and built just for you. Quite like Gentoo, but a fair bit smoother. Then FreeBSD started providing pre-built packages via the pkg tool, and you got the best of both worlds - build stuff you want/need custom configured for easily, and just slurp in pre-built packages for the regular stuff. These days I'm pretty much exclusively on Devuan, and I haven't got many complaints.

          • (Score: 2) by RS3 on Friday November 22 2019, @03:04AM

            by RS3 (6367) on Friday November 22 2019, @03:04AM (#923288)

            I did try Debian, Ubuntu, Mint, and other .deb distros, but didn't stick with them. Got into all kinds of Arch, puppy, Slitaz, and other streamlined ones for a while, mainly because of a major project that needed very fast boot, etc. Used to hate rpm but was forced into it 12 years ago, found yum right away, and it's tolerable. The GUI package managers SUCK for CentOS. Just horrible. I did find and use a yum GUI (yumex) that worked well, but haven't in years because I don't run X on the servers. I do occasionally run an X server on another machine so I can run the gui application without running X on the actual server.

            Gosh, you guys, maybe someday I'll break down and try FreeBSD and never turn back! Anyone port FreeBSD to a phone?

            I will try Devuan, thanks. Been hearing about it for years of course.

          • (Score: 2) by aristarchus on Friday November 22 2019, @04:50AM (1 child)

            by aristarchus (2645) on Friday November 22 2019, @04:50AM (#923310) Journal

            if I didn't need to use Linux for work.

            OH! The old "I need to use Windows for work" excuse! And probably for games. But wait, something is wrong. . . OMG! It is finally the year of "linux at work"!!! Hooray!!!

            • (Score: 4, Interesting) by coolgopher on Friday November 22 2019, @06:17AM

              by coolgopher (1157) on Friday November 22 2019, @06:17AM (#923325)

              Well I do dual-boot into Windows. For games. Just not at work.

              I used to have Steam installed on my Linux side, but I had compatibility issues due to not running Duhbuntu, so I gave up on that. Maybe it's better these days. Not like I've got much time for games these days anyway.

              In terms of primary OS-at-work, my history (per job) looks something like:

              NT 4.0 (brrr)
              Solaris 8/9 (whee)
              Win2k (errgh, so sloooow)
              Linux (sweeet)
              Linux (sweeet)
              Linux with WinXP64 VM (meh)
              Linux (sweeet)

        • (Score: 2, Informative) by fustakrakich on Friday November 22 2019, @01:57AM (4 children)

          by fustakrakich (6150) on Friday November 22 2019, @01:57AM (#923274) Journal

          slackpkg is flawless. All you have to do is pick a mirror in the conf file.

          The install is lightning fast, and you can avoid installing any GUI if you want. The setup is very simple

          So far nothing comes close to Slackware. It still comes with the Netscape browser

          --
          La politica e i criminali sono la stessa cosa..
          • (Score: 2) by RS3 on Friday November 22 2019, @02:56AM

            by RS3 (6367) on Friday November 22 2019, @02:56AM (#923285)

            Thank you for the inspiration. For me SlackWare is rock-solid, even when I compile my own kernels. :o I learned and modded the init system from the start (1995ish). I thought I had tried slackpkg but maybe not... I will.

            Wasn't aware about Netscape! I don't remember seeing it in the package tree... Wow, that brings back memories. For some reason I think I used to use Netscape to get pop3 mail, but saved it to a pine (alpine) directory and used pine for email. Fetchmail was too fiddly when Netscape would do it for me. I think I did it that way, anyway...

          • (Score: 2, Touché) by The Mighty Buzzard on Friday November 22 2019, @03:05AM (2 children)

            by The Mighty Buzzard (18) Subscriber Badge <themightybuzzard@proton.me> on Friday November 22 2019, @03:05AM (#923289) Homepage Journal

            If you're not building from tarballs and spending all day in dependency hell, you're doing Slackware wrong.

            --
            My rights don't end where your fear begins.
            • (Score: 2) by coolgopher on Saturday November 23 2019, @01:21AM (1 child)

              by coolgopher (1157) on Saturday November 23 2019, @01:21AM (#923586)

              I thought that was Gentoo??

              I was so pissed when my laptop got stolen the week after I'd done a major upgrade of Gentoo on it! I hope the thief enjoyed the Norwegian keyboard...

  • (Score: 4, Interesting) by Pslytely Psycho on Friday November 22 2019, @01:27AM (2 children)

    by Pslytely Psycho (1218) on Friday November 22 2019, @01:27AM (#923258)

    We have had email scams for over thirty years now.
    They are well publicized, reported on in-depth each time and yet people don't get that:

    Microsoft never sends unsolicited emails.
    The IRS never sends unsolicited emails.
    Nor does the FBI, your bank, or the local farmers market.

    And yet, there are always scores of victims of this type of phishing attack. Individuals, governments, hospitals, the list is nearly endless. Laws don't help, informing people doesn't help, education apparently doesn't help. Electronic oversight (filters, anti-virus scans etc, etc...) doesn't help and can't combat stupidity. Some scams are so good that otherwise intelligent people even get caught up in it. Is there an answer?

    “Think of how stupid the average person is, and realize half of them are stupider than that.”

    ― George Carlin

    Ah George, we miss you so.....

    --
    Alex Jones lawyer inspires new TV series: CSI Moron Division.
    • (Score: 0) by Anonymous Coward on Friday November 22 2019, @02:10PM (1 child)

      by Anonymous Coward on Friday November 22 2019, @02:10PM (#923386)

      But Microsoft called me up and told me about viruses on my computer.

      They even had me bring up the list of dangerous files so I could see them!

      • (Score: 2) by Pslytely Psycho on Saturday November 23 2019, @01:05AM

        by Pslytely Psycho (1218) on Saturday November 23 2019, @01:05AM (#923583)

        Oh cool, hey could you help me transfer approximately 4 million U.S. dollars to the United States from Nigeria? I just need a cashiers check for 14000 U.S. Dollars to pay for the transfer to your account. Please send your banking information to:

        IMASUCKER@RIUOFF.COM

        Looking forward to a lasting and profitable relationship.
        Your very good friend,
        Prince Fuxuin Theass

        --
        Alex Jones lawyer inspires new TV series: CSI Moron Division.
  • (Score: 3, Informative) by Runaway1956 on Friday November 22 2019, @01:27AM

    by Runaway1956 (2926) Subscriber Badge on Friday November 22 2019, @01:27AM (#923259) Journal

    many users are looking to update to Windows 10

    Yeah, we've all seen a ground swell of people desperately trying to break into the Win10 environment - NOT!!! From the pre-Alpha days, the only way Win10 was installed on most desktops, was through trickery on Microsoft's part.

    --
    “I have become friends with many school shooters” - Tampon Tim Walz
  • (Score: 2) by eravnrekaree on Friday November 22 2019, @01:57AM (4 children)

    by eravnrekaree (555) on Friday November 22 2019, @01:57AM (#923273)

    why the hell do browsers even allow people to click to run a downloaded exe? That's retarded and idiotic, you're just begging for this stuff to happen.

    • (Score: 3, Insightful) by RedGreen on Friday November 22 2019, @02:08AM

      by RedGreen (888) on Friday November 22 2019, @02:08AM (#923276)

      "why the hell do browsers even allow people to click to run a downloaded exe? That's retarded and idiotic, you're just begging for this stuff to happen."

      Even worse it is email, I can see the browser allowing you to run the program you just clicked on and downloaded, why the hell does email need to run an .exe...

      --
      Those people are not attacking Tesla dealerships. They are tourists showing love. I learned that on Jan. 6, 2021.
    • (Score: 2) by Gaaark on Friday November 22 2019, @02:18AM

      by Gaaark (41) on Friday November 22 2019, @02:18AM (#923277) Journal

      Why the hell do people STILL use Windows?

      Because some people like it easy, even if they have to bend over and not use lube.

      --
      --- Please remind me if I haven't been civil to you: I'm channeling MDC. I have always been here. ---Gaaark 2.0 --
    • (Score: 4, Insightful) by The Mighty Buzzard on Friday November 22 2019, @03:09AM

      by The Mighty Buzzard (18) Subscriber Badge <themightybuzzard@proton.me> on Friday November 22 2019, @03:09AM (#923290) Homepage Journal

      For the same reason people use Linux. Because my computer is not the boss of me. It had better do what I tell it, no matter how bloody stupid I'm being.

      --
      My rights don't end where your fear begins.
    • (Score: 2) by jmichaelhudsondotnet on Friday November 22 2019, @01:55PM

      by jmichaelhudsondotnet (8122) on Friday November 22 2019, @01:55PM (#923381) Journal

      FTA, It is a .jpg, but for some reason windows allows images to hold executables that take over the entire computer from a double click.

      It is difficult for me at this point, after literally decades of this shit, to see this as anything other than intentional.

      'well sure there are lots of legitimate business uses for hiding executables in image files, tons of them...' - microsoft hq executive, making 2mil/year, not located in united states, member of several sex cults, calls tech support when his wifi doesn't work

      Sure every once in a while I want to have a picture of boobs in my email that I can doubleclick to update the kernel on my system, it's a really handy shortcut, what could go wrong? /s

      It is not so much that they are stupid and turning the personal computer into a self-harm device through incompetence and treachery, it is that they get so rich doing it, and parade like they are some kind of hero in their audis. There is literally no scale of failure that would cause them to have a problem in life.

      Failing upwards has probably caused the extinction of many species in our galaxy, it is not something to take lightly.

      and of course thesesystemsarefailing.net, obviously

  • (Score: 2) by hendrikboom on Friday November 22 2019, @03:19AM (2 children)

    by hendrikboom (1125) on Friday November 22 2019, @03:19AM (#923295) Homepage Journal

    Windows is still being fooled by putting .jpg extension on an executable file?
    I thought they could have fixed that decades ago!

    • (Score: 2) by MostCynical on Friday November 22 2019, @06:18AM (1 child)

      by MostCynical (2589) on Friday November 22 2019, @06:18AM (#923327) Journal

      After Microsoft broke web and browser standards, then document interoperability, they basically opened the os to accept anything (any extension) as any file type.. so here we are.

      --
      "I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
      • (Score: 0) by Anonymous Coward on Friday November 22 2019, @07:54AM

        by Anonymous Coward on Friday November 22 2019, @07:54AM (#923345)

        Shoot... and then to think my Linux box doesn't even use extensions... I should be screwed... yet, I'm not.

  • (Score: 5, Interesting) by stormwyrm on Friday November 22 2019, @06:48AM (1 child)

    by stormwyrm (717) on Friday November 22 2019, @06:48AM (#923333) Journal
    I first heard of malicious attachments being able to do this kind of thing more than thirty years ago when Windows first discovered the Internet. It's nearly 2020 and Windows still lets people get pwn3d in this time-honoured way‽ In contrast I don't think there's ever been news that Android users are getting pwn3d by malicious APKs in email attachments, though there are probably at least as many Android users as Windows users, so it's not a matter of "intelligence". Windows doesn't seem to take even the most basic steps to protect their more technically inept users, like forcing them to jump through a number of hoops to enable use of executable code from foreign sources like email attachments, the way Android does. Dialogue boxes aren't enough: most people get way too many of those in the normal course of their interaction with their computer that they've learned to ignore what they say and just click "Yes" or "OK", and if agreeing to one of those does something very dangerous like run a random executable sent to them by some joker on the Internet then they are pwn3d. Much better to force people to dig into the settings to find an option to run a specific program they downloaded and let it run. That way, the people who actually know what they are doing can still do what they want, while the unwashed masses who generally don't really know what they are doing much of the time won't get pwn3d when something like this comes along.
    --
    Numquam ponenda est pluralitas sine necessitate.