
Joint Research by FCRF and mFilterit Reveals Phishing Attacks Targeting CrowdStrike Customers

Following a major outage on July 19, 2024, that disrupted CrowdStrike’s services globally, cybercriminals have exploited the situation by creating numerous fake websites and social media accounts mimicking CrowdStrike’s brand. These phishing campaigns target CrowdStrike customers, seeking to steal sensitive information by posing as legitimate support sites.


In an alarming development, there has been a significant increase in phishing campaigns targeting customers of CrowdStrike, a renowned cybersecurity company. This discovery was made through a joint research initiative by the Future Crime Research Foundation (FCRF), an incubatee of IIT Kanpur’s AIIDE-CoE, and mFilterit, a digital risk monitoring company and an AdTech and MarTech pioneer. These malicious campaigns exploit the trust placed in the CrowdStrike brand to disseminate false information and steal sensitive data from unsuspecting users.

The research highlighted several fake websites mimicking CrowdStrike’s legitimate site to deceive customers. Among these are:

https://www.crowdstrikefix.in/: This site claims to offer manual support for resolving CrowdStrike Blue Screen of Death (BSOD) issues, requesting users to provide their email and phone number.
https://crowdstrikebluescreen.com/: Another fraudulent site offering bluescreen repair services, falsely claiming to assist users with computer consulting and network support.
https://fixcrowdstrike.com.au/: This website presents itself as a provider of secure solutions for business operations, misleading users into believing they are receiving legitimate support.
https://www.microsoftcrowdstrike.com/: A site falsely reporting a major incident involving CrowdStrike, aiming to create panic and prompt users to engage with the malicious site.
https://strike.fail/: A deceptive site claiming to report damage caused by a CrowdStrike update, designed to mislead users into believing they need urgent remediation services.

Fake Websites

The modus operandi of these phishing campaigns involves creating highly convincing fake websites and social media handles that closely mimic CrowdStrike’s branding and messaging. These malicious actors use these platforms to trick users into providing their personal information, which is then exploited for various fraudulent activities.

Adding to the concern, a recent global outage involving CrowdStrike’s services has exacerbated the situation. On July 19, 2024, CrowdStrike experienced a worldwide outage that affected numerous government agencies and businesses across various sectors, including finance, media, and telecommunications. This outage was attributed to a faulty update related to CrowdStrike’s Falcon Sensor security software. The incident led to widespread disruptions, with users reporting issues such as blue screens of death and system failures. CrowdStrike has since acknowledged the issue and is working on resolving it, but the incident has left many users vulnerable to phishing attacks as they seek support and solutions online.

Fake Social Media Handles

These phishing campaigns not only pose a significant threat to individual users but also to organizations relying on CrowdStrike’s cybersecurity services. The stolen data can lead to severe consequences, including financial losses, identity theft, and unauthorized access to sensitive information.

CrowdStrike has acknowledged the issue and is actively working to take down these fake websites and social media handles. They have also issued an advisory to their customers, urging them to be cautious and to report any suspicious activities related to their brand.


Recommendations for Users

Verify Website URLs: Always check the URL of the website you are visiting. Legitimate CrowdStrike URLs will typically follow a consistent format.
Be Cautious with Personal Information: Avoid sharing personal information such as email addresses and phone numbers on websites that seem suspicious.
Report Suspicious Activity: Report any suspicious websites or social media handles to CrowdStrike or the relevant authorities.
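
The URL check recommended above can be automated. The following is an added example, not code from FCRF, mFilterit or CrowdStrike: it runs the five URLs listed in this article through an allowlist check and shows why a plain suffix match wrongly accepts microsoftcrowdstrike.com. It assumes crowdstrike.com is the vendor's official domain; the last two sample URLs are constructed for contrast.

```python
from urllib.parse import urlsplit

# Assumption: crowdstrike.com is the vendor's official registrable domain.
OFFICIAL_DOMAINS = {"crowdstrike.com"}
BRAND = "crowdstrike"

# The five URLs named in the article, plus two constructed contrast cases.
SAMPLES = [
    "https://www.crowdstrikefix.in/",
    "https://crowdstrikebluescreen.com/",
    "https://fixcrowdstrike.com.au/",
    "https://www.microsoftcrowdstrike.com/",
    "https://strike.fail/",
    "https://www.crowdstrike.com/",              # constructed: official host
    "https://crowdstrike.com@evil.example/fix",  # constructed: userinfo trick
]

def hostname(url):
    """Host the browser would actually connect to, lower-cased."""
    return (urlsplit(url).hostname or "").rstrip(".")

def naive_is_official(url):
    """Flawed: suffix match with no label boundary."""
    return any(hostname(url).endswith(d) for d in OFFICIAL_DOMAINS)

def is_official(url):
    """HTTPS only, and the host is an official domain or a subdomain of one."""
    if urlsplit(url).scheme != "https":
        return False
    host = hostname(url)
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS)

def classify(url):
    if is_official(url):
        return "official"
    # Keyword matching is only a triage hint; the allowlist is the decision.
    return "brand-lookalike" if BRAND in hostname(url) else "not-official"

if __name__ == "__main__":
    for url in SAMPLES:
        print(f"{classify(url):16} naive={naive_is_official(url)!s:5} {url}")
```

Note that strike.fail carries no brand keyword at all, so keyword filters miss it; only the allowlist comparison rejects every site in the list.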

The joint research by FCRF and mFilterit has shed light on the sophisticated tactics employed by cybercriminals in their phishing campaigns. It points to the need for heightened vigilance and robust cybersecurity measures to protect against such threats. Following the global outage, users are encouraged to stay informed and to exercise caution when interacting with online platforms, particularly those claiming to be associated with reputable brands like CrowdStrike.
