In The Wake Of The CrowdStrike Incident: 5 Tips To Protect Organizations, Employees

Cybersecurity and Infrastructure Security Agency (CISA) warns that threat actors are taking advantage of recent IT outage via phishing scams and other malicious activity.

CrowdStrike Incident
(Image: Adobe Stock / Generated with AI by Jon Le-Bon)

More than 40 phishing and phony lookalike domains were created in the first 24 hours following the CrowdStrike software incident, according to phishing and scam detection site CheckPhish.

Run by Bolster, CheckPhish is a free, real-time URL scanner that uses an array of machine learning algorithms to determine if a site is malicious or not. Since its inception in 2018, it has scanned more than 6.5 billion URLs.

“We have been watching the reality behind the CISA‘s warning play out in real-time. In the early hours of July 19, scammers began trying to lure victims into various scams. Within the first 24 hours, more than 40 typosquat domains were targeting CrowdStrike users and had been added to the CheckPhish site,” said Abhilash Garimella, vice president of Research at Bolster. “A typosquat, or lookalike domain, resembles a legitimate domain but with variations, such as common misspellings or additional characters. These domains are meant to deceive users into believing they are visiting a trusted site when, in fact, they are being redirected to a fraudulent one.”

Bolster has identified multiple types of phishing scams already, from malicious domains offering technical or legal support, to CrowdStrike crypto tokens, and sites still under construction. The CheckPhish community has created a growing list of “CrowdStrike” typosquats that can be found here.

5 Tips To Protect Organizations And Employees

  • Security teams should add the list of typosquat domains to their email security and web security gateway blocklists to prevent business email compromise (BEC) attacks or phishing emails to employees.
  • Double-check URLs and domains before entering information, especially if they were sent via an email or an SMS.
  • Google or Bing search for official contact or support channels. CrowdStrike and Microsoft have official support channels and phone numbers on their websites.
  • Be cautious before accepting unsolicited help via email or phone. It is nearly impossible to distinguish between real help and a tech support scam.
  • If you encounter a phishing page or a scam call, report it to your company’s IT department and CrowdStrike’s website. Add the scam to the active list here to raise community awareness of it.

To scan suspicious URLs and monitor for typosquatting, or URL hijacking, and lookalike variants of a domain visit CheckPhish.

Click here to find out more about the rise of cybercrime.

Business Continuity, Crisis Management, Cyber, Featured, Security, Technology

Bolster, Business Resiliency, CheckPhish, CISA, CrowdStrike, Cybersecurity, Cybersecurity and Infrastructure Security Agency, Lookalike Domains, Malicious Sites, Phishing, Professional Development, Typosquatting, URL Scanner

Sponsored Content
Featured Video

Webinars, Podcasts & Videos

Business Continuity Webinar

Did You Miss Our Latest Business Continuity Webinar?

It's not too late! You can still watch the “Business Continuity Exercise Planning and Facilitation Techniques To Start Now” video webinar.

facility resilience webinar

From Prevention To Action: The Role Of Facilities Management In Handling Emergencies And Maintenance

This free webinar on facility resilience will provide actionable strategies to safeguard assets, protect lives, and ensure operational continuity.

adaptive decision-making

Listen Now: Decision-Making During A Crisis

Robert C. Chandler, Ph.D, Founder and Principal of Emperiria discusses his research on adaptive decision-making in this podcast.

Receive the latest articles in your inbox

Share to...