Cisco security researchers are warning users against opening email attachments purporting to be from the software giant. The "ransomware" malware, which encrypts files until a ransom is paid, is being sent as part of an email spam campaign.
In a blog post, Cisco researcher Nick Biasini said the attackers are "impersonating Microsoft in an attempt to exploit their user base for monetary gain."
Biasini said the malware payload, called CTB-Locker, is being delivered at a "high rate."
"The functionality is standard however, using asymmetric encryption that allows the adversaries to encrypt the user's files without having the decryption key reside on the infected system," said Biasini.
That means that there's no clear way to get the decryption key until the ransom is paid.
Ransomware attacks have been on the increase since the start of 2015 as a quick, easy, and often near-untraceable way to generate vast sums of money in a short space.