This one will be an 'absolute **bleep**,' say security bods
31 Jul 2015 at 22:09, Iain ThomsonCisco's security team has noticed a new spamming campaign attempting to spread the CTB-Locker ransomware using emails purporting to come from Microsoft, telling people they are ready to download Windows 10.
The emails mimic the actual Windows 10 messages Redmond is sending out (with some minor text mistakes) and have spoofed the originating address to read as update@microsoft.com, although the sender's IP address can be traced back to Thailand. There's also a Microsoft disclaimer, and a message claiming the files have been cleared as virus-free by Mailscanner.
Not a bad spoof email, but not a great one either
Full Article