July 22nd 2024
As organisations around the world attempt to recover from a global IT outage resulting from a faulty software update to Microsoft systems by cybersecurity company CrowdStrike, there have been multiple warnings about fraudsters exploiting the situation for their own gain.
We are already receiving reports of companies being contacted by fraudsters posing as tech support companies providing help to get them back online, and taking payments or bank details. In other incidents, organisations are receiving phishing emails with either links or attachments utilising a malicious ZIP archive, designed to steal data from systems.
Warnings include a statement from CrowdStrike CEO George Kurtz, who says: “We know that adversaries and bad actors will try to exploit events like this,” Mr Kurtz said in a statement. I encourage everyone to remain vigilant and ensure that you’re engaging with official CrowdStrike representatives.”
Tony Neate, CEO at Get Safe Online, comments: “Following the global and unprecedented Microsoft outage yesterday, we wanted to warn individuals and small businesses of potential scams that are likely to arise following an incident of this scale.
“Experience tells us that cybercriminals are usually very fast to exploit large scale disasters and therefore we anticipate a rise in scams inviting individuals to engage or click on links to help them restore normal services.
“Please be extra cautious with any request and always double check the information before responding. Do not click on links in emails or attachments from unknown sources. Do not reveal your password or personal information to anyone. If you are unsure, check with Microsoft or CrowdStrike directly before proceeding. The easiest way to do this is probably via their respective websites.”
Neate concludes: “We also suggest that business owners and managers alert their workforce and advise additional vigilance.”