The fake Google email asks the potential victim to update his/her Google Chrome, which the email claims, has become outdated and insecure.
The executable file pretending to be the Chrome Update is not attached with the mail itself but following the link from the mail leads to one of the several compromised websites hosting the malware laden files. The file named as “ChromeSetup.exe” is not a Chrome Update but a Ransomware variant, CTB Locker/Critroni Ransomware. which when executed/installed locks and encrypts all the files on the victims computer and changes the desktop background image which reads that, your personal files are encrypted by CTB Locker, asking the victim to pay a ransom of 2 BTC (about 500USD) to a Bitcoin Wallet address given on the desktop, to get his/her file decrypted else he/she will lose their files permanently. Malwarebytes says, it is possible to remove the malware which is detected as Trojan.ZBAgent.NS by Malwarebytes Anti-Malware however it is difficult to restore the encrypted files. While these kinds of emails automatically gets marked as Spam by most big email providers Gmail, Microsoft and Yahoo, but sometimes they manage to give the email spam filters a slip and make their way to main inbox folder. While such an email may evoke suspicions immediately to a seasoned and tech savvy user, users with less knowledge of infosec may deem it be a real mail from Google Chrome security team and this is what the handlers/authors of this malware hope to achieve. Never click on links in any suspicious messages to keep your computer safe and secure.