Cyber criminals almost immediately started sending out phishing emails promising fake fixes. In one case, fraudsters were asking for cryptocurrency in exchange for an immediate fix. In another, an email offered a link to a supposed fix that when clicked downloaded malware instead. That’s why the Cybersecurity and Infrastructure Security Agency (CISA) has issued an official warning telling users to “avoid clicking on phishing emails or suspicious links.”
How are cyber criminals trying to take advantage of last week’s Microsoft/CrowdStrike outage?
Answer: With fake fixes.
The cyber bad guys do love a crisis, so it took almost no time at all for the scams to start after a major IT outage rocked the world last week. With companies the world over facing downed systems, the urgency of the situation was a perfect opportunity for bad actors to strike.
Cyber criminals almost immediately started sending out phishing emails promising fake fixes. In one case, fraudsters were asking for cryptocurrency in exchange for an immediate fix. In another, an email offered a link to a supposed fix that when clicked downloaded malware instead. That’s why the Cybersecurity and Infrastructure Security Agency (CISA) has issued an official warning telling users to “avoid clicking on phishing emails or suspicious links.”
CISA reported multiple such phishing campaigns in the days following the initial incident. It said to be wary of emails purporting to be from CrowdStrike, the company whose faulty security update caused the bug that crashed systems, as they were likely sent by fraudsters.
Cyber criminals almost immediately started sending out phishing emails promising fake fixes. In one case, fraudsters were asking for cryptocurrency in exchange for an immediate fix. In another, an email offered a link to a supposed fix that when clicked downloaded malware instead. That’s why the Cybersecurity and Infrastructure Security Agency (CISA) has issued an official warning telling users to “avoid clicking on phishing emails or suspicious links.”