If you’re looking to upgrade to Windows 11 and see an official-looking download link, think twice before clicking it. Fake links to download the OS are once again doing the rounds, allowing cybercriminals to install dangerous malware on your PC or laptop.
The attack was discovered by
HP’s Threat Research Blog, which highlights one particularly potent example. As the image above shows, the fake site windows-upgraded.com does a very convincing job of imitating the Microsoft website. To most people, this is indistinguishable from the real thing.
But installing it will allow the malware ‘RedLine Stealer’ to wreak havoc on your device, stealing crucial personal information that can then be used against you. The Threat Research Blog notes that it’s “widely advertised for sale within underground forums”.
The timing of its distribution is no coincidence. On 26 January,
Microsoft confirmed that the free upgrade to
Windows 11 was entering its final phase of availability, meaning that everyone with a compatible device could soon expect to be eligible for the new OS. Just a day later, the windows-upgraded domain was registered.
HP then published its official warning on 8 February, following detailed analysis of its legitimacy. The company also believes it’s linked to a malware attack from December, where a similar method was used on users who wanted to download Discord.
It’s the second fake download link scam to hit Windows 11 since it was first announced. Back in July,
security company Kaspersky discovered a similar issue, more than two months before the final version was available.
That’s no longer an issue, especially as there’s an
official way for all compatible devices to install Windows 11. If you can’t wait for the OS to be delivered to your device, this is a safe way to download it right now.
In general, it feels like cyberthreats are becoming more sophisticated. Gone are the days when the telltale signs of malware were obvious to anyone; it’s more important than ever to be vigilant online.
Of course, you don’t have to do everything alone. Most browsers have some built-in security, but this can be supplemented by effective
antivirus software. Many of these services protect users against 100% of malware, according to research from
Related articles for further reading