Scam Warning As Fake Emails And Websites Target Users After Outage

Cyber-security experts and agencies around the world are warning people about a wave of opportunistic hacking attempts linked to the IT outage.

Although there is no evidence that the CrowdStrike outage was caused by malicious activity, some bad actors are attempting to take advantage.

Cyber agencies in the UK and Australia are warning people to be vigilant against fake emails, calls, and websites that pretend to be official.

And CrowdStrike head George Kurtz encouraged users to make sure they were speaking to official representatives from the company before downloading fixes.

“We know that adversaries and bad actors will try to exploit events like this,” he said in a blog post.

“Our blog and technical support will continue to be the official channels for the latest updates.”

His words were echoed by cybersecurity expert Troy Hunt, who runs the well-known Have I Been Pwned security website.

“An incident like this that has commanded so many headlines and has people worried is a gift to scammers,” he said.

Mr Hunt was responding to a warning from the Australian Signals Directorate (known as the ASD, the equivalent of the UK’s GCHQ or the US’s National Security Agency) which issued an alert about hackers sending out bogus software fixes claiming to be from CrowdStrike.

“Alert! We understand a number of malicious websites and unofficial code are being released claiming to help entities recover,” the notice reads.

The agency is urging IT responders to only use CrowdStrike’s website to source information and help.

The ASD warning follows calls from the UK’s National Cyber Security Centre (NCSC) on Friday for people to be hyper vigilante of suspicious emails or calls that pretend to be CrowdStrike or Microsoft help.

“An increase in phishing referencing this outage has already been observed, as opportunistic malicious actors seek to take advantage of the situation,” the agency said.

Microsoft says it estimates that 8.5m computers around the world were disabled by the global IT outage.

It’s the first time that a number has been put on the incident, which is still causing problems around the world.

The glitch came from a cyber-security company called CrowdStrike which sent out a corrupted software update to its huge number of customers.