CrowdStrike users should be vigilant about phishing scams after global tech outage: CSA

SINGAPORE - Users of cyber-security firm CrowdStrike should be extra vigilant against phishing scams related to a global tech outage on July 19, said the Cyber Security Agency of Singapore (CSA).

This comes after a major tech outage worldwide tied to Microsoft’s Azure cloud platform and a software issue at CrowdStrike.

The botched software update from CrowdStrike caused havoc for businesses, airlines and retailers worldwide, including those in Singapore.

In a post on social media platform X on July 20, CSA warned of reports of an ongoing phishing campaign targeting CrowdStrike users due to the faulty software update.

The reports include threat actors, whether individuals or groups, exploiting the tech outage to send phishing e-mails to customers while posing as CrowdStrike support staff, or impersonating CrowdStrike staff in phone calls.

They may also pose as independent researchers, claiming to have evidence that the technical issue is linked to a cyber attack and offering remediation insights, or sell scripts that appear to automate recovery from the content update issue.

CSA warned of possible malicious domains such as crowdstrike.phpartners[.]org, crowdstrike0day[.]com and crowdstrikebluescreen[.]com that impersonate CrowdStrike.

System administrators may wish to configure their firewall rules to block connections to such domains associated with the campaign, it added.

“It is advised that organisations ensure they are communicating with CrowdStrike representatives through official channels and adhere to technical guidance the CrowdStrike support teams have provided,” CSA said in a statement on its website on July 20.

In a statement on July 19, CrowdStrike founder and chief executive George Kurtz apologised for the outage and confirmed the incident was not a cyber attack.

He also warned CrowdStrike users not to fall for scams related to the outage.

He said: “We know that adversaries and bad actors will try to exploit events like this. I encourage everyone to remain vigilant and ensure that you’re engaging with official CrowdStrike representatives.”

Other countries have also warned CrowdStrike users to be cautious.

Australia’s cyber intelligence agency said on July 20 that “malicious websites and unofficial code” were being released online claiming to aid recovery from July 19’s global digital outage.

On its website, the agency said its cyber security centre “strongly encourages all consumers to source their technical information and updates from official CrowdStrike sources only”.

Cyber Security Minister Clare O’Neil said on X on July 20 that Australians should “be on the lookout for possible scams and phishing attempts”.

This article was first published in The Straits Times. Permission required for reproduction.
