If you are still using Windows 7, you should be on the lookout for a phishing scam offering to upgrade to Windows 10.

The scam, discovered by information security firm Cofense, begins with an email from "Genadiy" with the subject line "RE: Microsoft Windows Upgrade."

"Your Office Windows computer is out of date and is scheduled for upgrade today. To upgrade Windows 10, please open the Windows 10 Upgrade Project site in your browser."

The body of the email includes a table of laptops with serial numbers and locations and a list of benefits of upgrading: "COVID-19 Employee Symptom Tracker," "Access to Payroll," "Access to New Staff Directory," etc.

"This lure needs improvement, but it's not completely terrible," noted Coffence researcher Caleb Kirk in a company blog post." We give this threat two gold stars for actors with made-up laptops, fake serial numbers, tables with buildings, etc."

If you continue on, the "upgrade" link takes you to a fake Microsoft Outlook login page, where the scam really begins. The idea is to use your email credentials to authorize this "system upgrade."

Do not! Just give the scammer your username and password, and they can use it to break into your email account. In the past few companies we have worked for, these credentials also gave them full access to the corporate network.

According to Cofense, when you enter your credentials, the scam site sends you to a real Microsoft page, which indeed says "Windows 7 support has ended. (Ends in January 2020.)

Like the scammers, Microsoft promises to support upgrades to Windows 10. Unlike the scammers, they are willing to pay for the upgrade. (But there are still legitimate ways to upgrade to Windows 10 for free; during the COVID-19 pandemic, millions of people worked from home, so the line between work and home is pretty blurred anyway.