Club Benefits
You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Daily (Mon-Sun)
Tom's Guide Daily
Sign up to get the latest updates on all of your favorite content! From cutting-edge tech news and the hottest streaming buzz to unbeatable deals on the best products and in-depth reviews, we’ve got you covered.
Weekly on Thursday
Tom's AI Guide
Be AI savvy with your weekly newsletter summing up all the biggest AI news you need to know. Plus, analysis from our AI editor and tips on how to use the latest AI tools!
Weekly on Friday
Tom's iGuide
Unlock the vast world of Apple news straight to your inbox. With coverage on everything from exciting product launches to essential software updates, this is your go-to source for the latest updates on all the best Apple content.
Weekly on Monday
Tom's Streaming Guide
Our weekly newsletter is expertly crafted to immerse you in the world of streaming. Stay updated on the latest releases and our top recommendations across your favorite streaming platforms.
Join the club
Get full access to premium articles, exclusive features and a growing list of member rewards.
If you're still running Windows 7, then you'd better watch out for a phishing scam that offers to upgrade your computer to Windows 10.
Spotted by information-security firm Cofense, the scam begins with an email from "Genadiy" with the subject line "RE: Microsoft Windows Upgrade."
- Windows 10 desktop themes can steal your passwords: What to do
- The best antivirus software to keep your PC clean
- Just in: Windows 10 is about to get a huge upgrade for gamers
"Your Office Windows computer is Outdated and an Upgrade is scheduled for replacement Today," the email message helpfully notes. "To Upgrade your Windows 10, please open your browser to the Windows 10 Upgrade Project Site," followed by a link.
In the body of the email is a table of laptops with serial numbers and locations, plus a list of the benefits you'd get from upgrading: "COVID-19 Employee Symptom Tracker," "Access your pay slips" and "Access the new staff directory," among others.
"This lure needs improvement, but it's not completely awful," Cofense researcher Kaleb Kirk noted in a company blog post. "We give this threat actor two gold stars for the table with made-up laptops, fake serial numbers, building, etc."
All we need is your password, please
Moving right along, the "upgrade" link takes you to a fake Microsoft Outlook login page, where the scamming really begins. The idea is that you're supposed to use your email credentials to authorize this "system upgrade."
Don't do it! You'd really just be giving your username and password to the scammers so that they can use them to get into your email account. In the past few companies we've worked in, those credentials would also give full access to the corporate network.
Cofense says that once you input your credentials, the scam site bounces you to a real Microsoft page informing you that, yes indeed, "Support for Windows 7 has ended." (It ended in January 2020.)
Like the scammers, Microsoft also promises to help you upgrade to Windows 10. Unlike the scammers, it would prefer you pay for the upgrade. (However, there are still legitimate ways to upgrade to Windows 10 for free.)
This scam is clearly designed to target people using Windows 7 on workplace computers, but it's vague enough so that it might snare some home users, too. With millions of people working from home during the COVID-19 pandemic, the line between work and home has gotten pretty blurred anyway.
