The recent Microsoft IT outage, caused by a software update from third-party cybersecurity company CrowdStrike, impacted 8.5 million Windows devices worldwide. While Microsoft claims this is less than one percent of all Windows machines, the outage caused disruptions in online banking portals and air travel services. Despite not being a cyberattack, there is concern from CrowdStrike and government agencies about scammers taking advantage of the confusion to engage in malicious cyber activity.
CrowdStrike’s blog revealed that an eCrime actor is using file names related to July 19, 2024, including a malicious ZIP archive named “crowdstrike-hotfix.zip” to steal data from customers. As disruptions from the outage continue, it is important for individuals to protect themselves from scammers. Being alert and avoiding downloading zip-files or software from unknown sources claiming to help with the outage is crucial. Additionally, individuals should be cautious when receiving requests for personal information from unknown numbers and refrain from sharing sensitive information with unverified sources.
The U.K.’s National Cyber Security Centre has provided guidance for organizations and businesses on protecting employees from phishing scams. This guidance includes implementing anti-spoofing controls, ensuring employees are educated on identifying phishing attempts, and reporting suspicious emails to the appropriate authorities. By following these mitigation tactics, businesses can reduce the risk of falling victim to scams during the ongoing disruptions caused by the Microsoft IT outage.
As scammers continue to take advantage of the confusion surrounding the outage, individuals should remain vigilant and exercise caution when interacting with unknown sources. It is essential to stay informed about potential scams related to the outage and to report any suspicious activity to the appropriate authorities. By staying alert and following best practices for cybersecurity, individuals can protect themselves from falling victim to malicious cyber activity during this time.
In conclusion, the Microsoft IT outage caused by a software update from CrowdStrike has raised concerns about scammers exploiting the situation for malicious purposes. As disruptions continue to unfold, individuals should take steps to protect themselves from phishing scams and avoid downloading suspicious files. By following guidance from cybersecurity agencies and remaining vigilant, individuals can reduce the risk of falling victim to scams during this challenging time.
