Even though I've been immersed in all things tech for some time now, I'm not arrogant enough to think I'll never be caught out by a phishing email or downloading dodgy software. That's especially true as online scams grow in sophistication—for instance, there's a fake Windows support page that tricks users into downloading password-stealing malware.
The fake support page alleges a 'cumulative update' for 'Windows Update version 24H2,' complete with a KB article number that's passable at a glance. Anyone who actually hits the big blue 'Download the update' button will get a convincingly spoofed Windows Installer package. Unfortunately, this download is actually malware that can hoover up "passwords, payment details, and account access", according to cybersecurity company Malwarebytes.
Even downloading the dodgy software may not raise alarm bells at first. The suspicious package was built using WiX Toolset 4.0.0.5512, which Malwarebytes describes as "a legitimate open-source installer framework." The 83 MB package is called 'WindowsUpdate 1....
English (US)