Security researchers have discovered a vulnerability in the WPA2 wireless protocol. The exploit is called KRACK, short for Key Reinstallation Attacks that can allow hackers to snoop on WiFi connections and inject data into WiFi streams to do things such as install malware and other rogue actions such as steal passwords, emails, and other data.
Microsoft issued an update during last week’s October patch release that fixes the problem on Windows OS, if you have not updated your Windows installation it is recommended you do so immediately. Microsoft has stated that even when the vulnerability is patched within Windows, router firmware and Wifi drivers installed or connected to Windows machines that have not been updated can still be affected. To fully protect yourself, Windows users should also install patched WiFi drivers and router firmware if available, in addition to the patch Microsoft released for Windows.
We here at SUPERAntiSpyware HQ have noticed in uptick in spam that claims to be Microsoft attempting to inform users their Office account email storage space is almost full and to prevent incoming/Outgoing mail from getting bounced back, to click the supplied link to add an additional 10 gigs of free and mandatory storage. This of course is an obvious scam to phish your password as the link takes you to a fake Office 365 login screen.
We here at SUPERAntiSpyware recommend you simply delete this email, and do not click any links within the email. If you have been scammed by this email, immediately change your Office 365 account password and consider looking into changing your spam settings to avoid future spam emails such as these. Remember, if you do not recognize the sender address, do not open the email, and also if you do open an email always hover your mouse pointer over the emails links to see where they’re trying to take you.