
Increased Phishing and Cyber Attack Attempts Expected Due to CrowdStrike Outage

Posted 22nd July 2024

In light of the recent global IT outage caused by a faulty update from CrowdStrike, we now unfortunately expect to witness a surge in phishing and cyber attack attempts. Cyber criminals are exploiting the chaos to target organisations with malicious emails and websites posing as CrowdStrike support or offering fake fixes.

In this blog we take a look at the most likely methods they will use and some examples to share with your teams to help prevent a cyber security breach masked by the CrowdStrike incident.

Be aware of common tactics tailored to CrowdStrike outage

Phishing Emails:

Be cautious of emails claiming to be from CrowdStrike support or security. Verify the sender’s email address and avoid clicking on any suspicious links or attachments.

Malicious Websites:

Avoid downloading any unofficial patches or fixes from unverified sources. Always rely on official CrowdStrike channels for updates and solutions. In the days that followed the outage, we saw a large number of domains being registered that include a ‘CrowdStrike’ reference and could be used to trick users into thinking they are legitimate services.
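As an added example (not part of the original post, and not BCN or CrowdStrike tooling), the Python below shows how a mail or proxy triage step could sort sender addresses and links into official, lookalike and unrelated, based on whether the host references the brand without belonging to an allowlisted domain. The allowlist contents, the function names and the sample values are assumptions made for illustration; build the real allowlist from vendor domains you have confirmed out of band.

```python
import unicodedata
from urllib.parse import urlsplit

BRAND = "crowdstrike"
# Assumption: your own allowlist of vendor domains, confirmed out of band.
OFFICIAL_DOMAINS = {"crowdstrike.com"}

def extract_host(value):
    """Return the lower-case host from a URL, an email address or a bare domain."""
    value = value.strip().lower()
    if "://" in value:
        return urlsplit(value).hostname or ""
    if "@" in value:
        return value.rsplit("@", 1)[1].strip(">")
    return value.split("/", 1)[0]

def skeleton(host):
    """Reduce a host to ASCII letters and digits so separators and accents do not hide the brand."""
    try:
        host = host.encode("ascii").decode("idna")  # expand punycode (xn--) labels
    except UnicodeError:
        pass  # already Unicode, or not valid IDNA: compare as-is
    folded = unicodedata.normalize("NFKD", host).encode("ascii", "ignore").decode()
    return "".join(ch for ch in folded if ch.isalnum())

def references_brand(host, max_subs=1):
    """True if any window of the skeleton equals BRAND with at most max_subs substituted characters."""
    s, n = skeleton(host), len(BRAND)
    return any(
        sum(a != b for a, b in zip(s[i:i + n], BRAND)) <= max_subs
        for i in range(len(s) - n + 1)
    )

def classify(value):
    """Label a sender address or link as 'official', 'lookalike' or 'unrelated'."""
    host = extract_host(value).rstrip(".")
    if any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS):
        return "official"
    return "lookalike" if references_brand(host) else "unrelated"

# Constructed samples using the reserved .example TLD; not real indicators.
SAMPLES = [
    "https://www.crowdstrike.com/blog/",
    "support@crowdstrike-helpdesk.example",
    "http://crowdstr1ke-fix.example/patch.zip",
    "https://crowdstrike.com.update.example/",
]
if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{classify(sample):10} {sample}")
```

A "lookalike" result is a reason to quarantine and review, not proof of malice; an "official" result only says the host matches the allowlist and does not validate the message itself.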

Top 5 most likely phishing attempts or messages cyber criminals might use in light of the recent CrowdStrike issue

1. Fake CrowdStrike Support Email:

Subject: “Urgent: Action Required to Fix CrowdStrike Issue”
Message: “Dear [Employee Name], due to the recent CrowdStrike outage, please click the link below to download the necessary patch to secure your system. [Malicious Link]”

2. Impersonation of IT Department:

Subject: “Immediate Security Update Needed”
Message: “Hello Team, our IT department has identified a critical vulnerability due to the CrowdStrike issue. Please open the attached document for instructions on how to update your system. [Malicious Attachment]”

3. Fake Invoice or Payment Request:

Subject: “Invoice for CrowdStrike Security Update”
Message: “Dear [Employee Name], please find attached the invoice for the recent CrowdStrike security update. Kindly process the payment at your earliest convenience. [Malicious Attachment]”

4. Phishing Website:

Message: “Attention: Your system is at risk due to the recent CrowdStrike outage. Visit our official site to download the latest security patch. [Link to Phishing Website]”

5. Social Engineering Call:

Message: “Hello, this is [Fake Name] from CrowdStrike support. We need to verify your login credentials to apply the necessary security updates. Please provide your username and password.”

Stay vigilant and always verify the authenticity of any communication related to the CrowdStrike issue.

Protect your organisation

Ensure your IT teams are on high alert and monitor for any unusual activities. Educate your employees about the potential threats and encourage them to report any suspicious communications. Plus:

  • Update Security Protocols: Review and update your cybersecurity protocols to address the current threat landscape.
  • Employee Training: Conduct regular training sessions to keep your employees informed about the latest phishing tactics and how to avoid them.
  • Incident Response Plan: Have a robust incident response plan in place to quickly address any security breaches.

Stay safe and vigilant. Together, we can mitigate the risks and protect our organisations from cyber threats. Please contact BCN if you need help with your Cyber Security.
