IT Solutions
Depend on us to get your organisation to the next level.
Sectors
BCN have a heritage of delivering outcomes through our cloud-first services and currently support over 1200 customers across specialist sectors.
About Us
Your tech partner
Posted 22nd July 2024
In light of the recent global IT outage caused by a faulty update from CrowdStrike, we now unfortunately expect to witness a surge in phishing and cyber attack attempts. Cyber criminals are exploiting the chaos to target organisations with malicious emails and websites posing as CrowdStrike support or offering fake fixes.
In this blog we take a look at the most likely methods they will use and some examples to share with your teams to help prevent a cyber security breach masked by the CrowdStrike incident.
Be cautious of emails claiming to be from CrowdStrike support or security. Verify the sender’s email address and avoid clicking on any suspicious links or attachments.
Avoid downloading any unofficial patches or fixes from unverified sources. Always rely on official CrowdStrike channels for updates and solutions. In the days that followed we saw a large amount of domains being registered that include a ‘CrowdStrike’ reference that could be used to trick users into thinking these are legitimate services.
Subject: “Urgent: Action Required to Fix CrowdStrike Issue” Message: “Dear [Employee Name], due to the recent CrowdStrike outage, please click the link below to download the necessary patch to secure your system. [Malicious Link]”
Subject: “Immediate Security Update Needed” Message: “Hello Team, our IT department has identified a critical vulnerability due to the CrowdStrike issue. Please open the attached document for instructions on how to update your system. [Malicious Attachment]”
Subject: “Invoice for CrowdStrike Security Update” Message: “Dear [Employee Name], please find attached the invoice for the recent CrowdStrike security update. Kindly process the payment at your earliest convenience. [Malicious Attachment]”
Message: “Attention: Your system is at risk due to the recent CrowdStrike outage. Visit our official site to download the latest security patch. [Link to Phishing Website]”
Message: “Hello, this is [Fake Name] from CrowdStrike support. We need to verify your login credentials to apply the necessary security updates. Please provide your username and password.” Stay vigilant and always verify the authenticity of any communication related to the CrowdStrike issue.
Ensure your IT teams are on high alert and monitor for any unusual activities. Educate your employees about the potential threats and encourage them to report any suspicious communications. Plus:
Stay safe and vigilant. Together, we can mitigate the risks and protect our organisations from cyber threats. Please contact BCN if you need help with your Cyber Security