Malicious websites purporting to provide access to the upcoming Windows 9 operating system redirect users to affiliate marketing scams and phishing.
Any major event can be turned by cybercriminals into bait for unsuspecting users, and news about a Windows 9 Preview being delivered next month is an opportunity that cannot be overlooked.
Gideon Hernandez, fraud analyst at Trend Micro, observed the malicious activity by searching for a combination of keywords such as “Windows 9” and “leak.”
Potentially malicious websites claim to provide a leaked copy of the next operating system from Microsoft. In truth, before offering the download, they steer the user to different locations, which deliver various software, the crooks probably receiving a commission for each installation, as part of affiliate marketing.
However, other types of behavior have been observed by Trend Micro too, the potential victim being sometimes served adware that could funnel in other files, executable or not, thus posing the risk of infostealers and Trojans being added to the system.
In the end, the much desired download link is provided, but according to Hernandez, it is for “a reskinned Windows 7 SP1 64-bit bundled with a handful of software utilities, rather than a ‘leaked’ copy of Windows 9.”
Other types of scams leveraging the hype around Windows 9 OS refer to phishing, the target of the cybercriminals being users' mobile phone numbers.
Malicious campaigns hooking unsuspecting users with the Windows 9 bait are likely to see an increase both in frequency and risk.