By D. Maan, Jadetimes News

Scam Alert: Phony Emails, Sites Prey on Users in IT Outage Aftermath

Cybersecurity experts and agencies warn users about a spike in opportunistic hacking attempts following the recent IT outage. Although there is no evidence that CrowdStrike's outage was caused by malicious activity, some bad actors are using this incident and trying to exploit the situation.

Cyber Agencies Urge Vigilance

Cyber agencies in the UK and Australia are alerting users to be on the lookout for scam emails, phone calls, and websites that will appear legitimate. In a blog post, CrowdStrike's CEO George Kurtz urged users to verify they are dealing with authentic representatives from the company before applying patches. "We know that adversaries and bad actors will try to exploit events like this," he said. He added, its blog and technical support continue to be the authoritative source for information on any updates.

Expert warnings

Troy Hunt, a cybersecurity expert and the well-known security site Have I Been Pwned founder, mirrored Kurtz's sentiments: "An incident like this that has commanded so many headlines and has people worried is a gift to scammers", Hunt said.

His comments followed an alert from the Australian Signals Directorate, which warned that hackers were emailing fake software patches and pretending to be from CrowdStrike. The ASD wrote, in its alert, "Alert! We understand a number of malicious websites and unofficial code are being released claiming to help entities recover." It has cautioned IT responders to only CrowdStrike's official website for information and support.

More Phishing Activity

The NCSC of the United Kingdom issued an independent warning, advising users to be particularly wary of any suspicious emails or calls that might be received, apparently from CrowdStrike or Microsoft. "An increase in phishing referencing this outage has already been observed as opportunistic malicious actors seek to take advantage of the situation," the agency said.

Past Patterns

Major news events often get hackers to change the way they are exploiting people through fear and uncertainty. This trend was really clear with the Covid-19 pandemic, as phishing emails were then sent that bore false information about the virus or its antidotes, only seeking to hack into people's and organizations' systems. That kind of global attention in the IT outage would thus attract hacking.

Experts at Secureworks have said that there is a spike in CrowdStrike-themed domain registrations. These cybercriminals are massively registering new domains, similar looking to the original sites, to fool IT managers or the general public for downloading malware or giving away sensitive information.

Safety Recommendations

Though the following core guidance is aimed at IT managers who are trying to restore their organizations, individuals should take note that they, too, could become a target of interest. Experts are warning everyone to be vigilant and only trust information from official CrowdStrike sources.