Windows users are being warned about a new scam targeting them with fake software updates. Cybercriminals are directing users to misleading websites resembling official Microsoft pages, urging them to download what appears to be a legitimate Windows update. However, the downloaded file contains dangerous malware aimed at stealing sensitive information such as passwords and payment details.
According to cybersecurity experts at Malwarebytes, the scam involves fake websites that mimic Microsoft Support and Windows Update pages. These deceptive websites replicate Microsoft’s fonts, colors, design, and web addresses to deceive users effectively.
To avoid falling victim to this scam, users are advised not to click on any suspicious links in emails, texts, or notifications prompting urgent updates. Instead, they should directly check for updates by going to Settings > Windows Update. The downloaded malicious file is designed to look authentic, making it challenging for users and some security software to detect the threat.
While the current targets seem to be primarily in France, experts caution that these fraudulent activities could quickly spread. Therefore, all Windows users are urged to exercise caution and refrain from downloading updates without verifying their authenticity.
To enhance security, users should never trust update links received through email, text messages, or social media. The safest method to install updates is through Windows’ built-in update system. By navigating to Start, then Settings > Windows Update, and selecting “Check for updates,” users can ensure they are installing genuine updates.
Any website offering a separate Windows update download should be treated with suspicion. Security specialists recommend enabling automatic updates to reduce the risk of falling prey to fake update scams by lowering the need for manual file installations.
Windows 11 users are particularly advised to be vigilant against unexpected messages requiring urgent updates. Installing software exclusively through official Microsoft channels remains the most reliable defense against these malicious attacks.