Scam Alert: It never takes long for the bad guys to take advantage of a bad situation. Beware of phishing and malware scams related to the CrowdStrike global outage.
Even though the massive outage does not affect Mac or Linux users, you still could be approached by a hustler on the phone or by email.
How to Avoid CrowdStrike Scams –
Be wary of any emails claiming to be from CrowdStrike, such as “CrowdStrike Support” or “CrowdStrike Security”, and do not click on any links, which could be loaded with malware to hijack your computer.
Watch out for emails or phone calls that claim to offer tech support or services to fix problems caused by the Windows outage related to CrowdStrike.
Beware of look-alike websites if you do a search for something like “protection from CrowdStrike”.
CrowdStrike published this list of similar-sounding websites that impersonate the company, with URLs that include such words as update, fix, words like update, fix, claim, and even a variation on the blue screen of death.
While some are not serving up malicious content, CrowdStrike advises ” these sites may support future social-engineering operations”. So it’s best to avoid them all.
crowdstrike.phpartners[.]org
crowdstrike0day[.]com
crowdstrikebluescreen[.]com
crowdstrike-bsod[.]com
crowdstrikeupdate[.]com
crowdstrikebsod[.]com
www.crowdstrike0day[.]com
www.fix-crowdstrike-bsod[.]com
crowdstrikeoutage[.]info
www.microsoftcrowdstrike[.]com
crowdstrikeodayl[.]com
crowdstrike[.]buzz
www.crowdstriketoken[.]com
www.crowdstrikefix[.]com
fix-crowdstrike-apocalypse[.]com
microsoftcrowdstrike[.]com
crowdstrikedoomsday[.]com
crowdstrikedown[.]com
whatiscrowdstrike[.]com
crowdstrike-helpdesk[.]com
crowdstrikefix[.]com
fix-crowdstrike-bsod[.]com
crowdstrikedown[.]site
crowdstuck[.]org
crowdfalcon-immed-update[.]com
crowdstriketoken[.]com
crowdstrikeclaim[.]com
crowdstrikeblueteam[.]com
crowdstrikefix[.]zip
crowdstrikereport[.]com
The US Cybersecurity and Infrastructure Security Agency (CISA) and UK National Cyber Security Centre issued alerts warning about phishing emails attempting to capitalize on the chaos.
More Tips to Avoid CrowdStrike Phishing/Malware Scams
The bad guys exploiting the global systems outage may pose as CrowdStrike support, other companies that can “fix” the problem, even protect you from a future meltdown if your computer was not affected by this one.
Beware of emails emails with subject lines such as “CrowdStrike Support” or “CrowdStrike Security” that direct recipients to fraudulent websites that claim to provide tech support or services in exchange for fees or “donations.”
Beware of emails which ask for payment via online services such as Paypal, Venmo or Zelle, or payment in cyptocurrency or gift cards.
Beware of phone calls from imposters posing as CrowdStrike support staff.
Another tech support scam tactic is for remote access to your computer, which enables the bad guy to access everything on your computer including your passwords and banking information.
Repeating for emphasis –
- Do not reply to suspicious email.
- Do not click links in them.
- Do not make payments or donations.
- If you receive a suspicious phone call, hang up.
- Report suspicious emails to your provider, or mark them as junk and delete them.
- Block suspicious phone numbers.
For more information about the CrowdStrike chaos –
- Cyber criminals quickly exploit CrowdStrike chaos (The Register. 7/19/24)
- Don’t Fall for It: Hackers Pounce on CrowdStrike Outage with Phishing Emails (PC Mag, 7/19/24)
- Don’t Fall for CrowdStrike Outage Scams (WIRED, 7/19/24)
- Guidance for CrowdStrike Windows Outage (CIS, 7/19/24)
- Scam warning as fake emails and websites target users after outage (BBC, 7/19/24)
- Callback Malware Campaigns Impersonate CrowdStrike and Other Cybersecurity Companies (CrowdStrike Blog, 7/8/22)
ecoXplorer Evelyn Kanter is a journalist with 25+ years of experience as a newspaper and magazine writer, radio & TV news producer & reporter, and author of guidebooks and smartphone apps – all focusing on travel, automotive, the environment and your rights as a consumer.
ecoXplorer Evelyn Kanter currently serves as President of the International Motor Press Assn. (IMPA).
ecoXplorer Evelyn Kanter also is a member of the North American Travel Journalists Assn. (NATJA) and the North American Snowsports Journalists Assn. (NASJA).
Contact me at evelyn@ecoxplorer.com.
Copyright (C) Evelyn Kanter
What do you think? We value your comments and love hearing from you.