Scammers are attempting to use the global CrowdStrike outage on Microsoft Windows systems to steal from small businesses by offering fake fixes, the Australian government has warned.
The world has begun to recover from a global outage of Windows systems running the cybersecurity company Crowdstrike’s software, after the company issued a faulty update. But bad actors have seized upon the crisis to attempt to scam the public, the home affairs minister, Clare O’Neil, said on Saturday.
“What we are seeing some reporting of is attempts to conduct phishing through the incident that just occurred,” she said.
She said small businesses in particular were receiving emails from people pretending to be CrowdStrike or Microsoft and seeking bank details to access a reboot to fix the error.
“I ask Australians to be really cautious over the next few days about attempts to use this for scamming or phishing,” she said. “If you see an email, if you see a text message that looks a little bit funny, that indicates something about CrowdStrike or IT outages, just stop. Don’t put any details.”
She said if people receive calls along those lines they should hang up, and if people do hand over their banking information then to contact their bank immediately to report it.
“This is a moment where we can help our fellow Australian citizens. If someone has tried to scam you, they are trying to scam others,” she said. “You can help protect your fellow citizens by jumping online, going to the Scamwatch website and just report back what’s happened so we can make sure that the government can continue to alert people as we move forward.”
The Australian Cyber Security Centre warned on Saturday that a number of malicious websites and “unofficial code” were being released, claiming to help businesses recover from the outage. The centre said it “strongly encourages all consumers to source their technical information and updates from official CrowdStrike sources only”.
CrowdStrike’s own threat intelligence reported that malicious activity includes phishing emails posing as CrowdStrike support or independent researchers selling scripts to automate recovery from the issue. The organisation identified more than 30 domains that had been used in the scams so far.
The Australian Competition and Consumer Commission deputy chair, Catriona Lowe, warned the public not to download unsolicited software and to be wary of any unsolicited calls or emails.
“Criminals look to take advantage of incidents like this CrowdStrike outage, creating a sense of urgency that you need to do what they say to protect your computer and your financial information,” Lowe said.
“Anyone can be scammed, so it is important to be wary of any unsolicited contact that purports to provide assistance in the aftermath of a major event like this.”
O’Neil said the Australian economy was in a recovery phase after Friday’s outage, but there would still be teething problems for some businesses in bringing their services back online.
