Australian technology news, reviews, and guides to help you

Crowdstrike drama set to lead to scams, so what’s going on

Over 8 million devices were affected by the Crowdstrike blue screen, but that’s not even the end of the drama, as scammers look set to take advantage.

Scammers will look for anything to continue their billion dollar trend in Australia, and modern events that affect us all are often big inspiration.

Covid was one major trend, the yearly event of tax time is another, and it seems as though the Crowdstrike Windows drama of July 2024 looks set to be another, as scammers work to lay the groundwork for an upcoming set of scams aimed at confusing you into handing over money.

That’s what appears to be happening, as domains mentioning the drama get snatched up, covering terms such as “microsoftcrowdstrike” and “crowdstrike-helpdesk”, providing a glimpse of what you can expect from scammers in the coming days.

The drama affected millions of systems running Windows, covering computers used by ordinary people to those used in hotels, hospitals, airports, call centres, and even the payment kiosks at supermarkets across the planet, largely reported in Australia first due to the timing of the event.

An estimated 8.5 million devices were affected, said Microsoft, and the company has worked with Crowdstrike to deliver a scalable solution to remedy computers, though anyone with a Windows device still dealing with a blue screen of death following the drama may want to follow our user-friendly instructions to fix things.

However, the fix is only one side, and you can expect scams to pop up shortly, too.

The Crowdstrike Windows outage affected computers across the planet, whether they were personal PCs or supermarket kiosks.

What Crowdstrike scams will likely look like

Remember the “NBN is calling you” scam, or even the “Microsoft is calling you” scam? You may want to prepare for a resurgence, coupled with the SMS phishing scams known as “smishing”.

While we’ve not seen Crowdstrike scams in Australia yet, the emergence of several domains following the worldwide outage means it is also only a matter of time before that becomes a thing. Furthermore, the Australian government is warning bad actors are already taking advantage.

Expect text messages and emails suggesting you follow a link to secure your Windows computer, each of which will either ask you to log in to your Microsoft account, or to hand over your bank or credit card details to secure your computer.

Handing over details to any unknown is clearly a risk. Much like the scams purporting to be Apple, you can expect a baited form to appear at a fake website — say crowdstrike-helpdesk.com — and no login to Microsoft actually occurring. Instead, you’d be giving your login details to a scammer, who could then use them to their advantage, ripping you off in the process.

You may also want to expect scam attempts from criminals pretending to be from travel agencies, airlines, and supermarkets, as many of the real organisations were all affected. We wouldn’t be surprised to see some software packages with malware pop up, greatly increasing the risk of viruses, exploits, and ransomware. There are so many opportunities for scammers and criminals following this outage, so it’s best to be aware of what’s coming in.

Given how many devices were affected by this outage, we don’t expect scammers will wait long to try these approaches. The amount of money they have to gain would likely be massive, particularly as it was a news story that everyone heard about.

How to stay on the defensive against scammers

Even without seeing Crowdstrike scams, we have some pretty clear ideas for what criminals will be doing in the wake of the outage. There are only so many vectors and types of scams, and many just follow each other.

Phishing is phishing: scammers build a fake website in order to trick you, and if you don’t look at it clearly, you can fall for the bait.

Urgency is urgent: scammers will regularly use the trap of urgency to make you commit to a scam without thinking. They rely on you being hurried so you don’t think about what’s going on, and fall quickly.

Those appear to be two of the most common tactics in scams, but there are ways for you to be proactive and deal with scams before they happen.

Switch on multifactor authentication

One of the best ways to be proactive against scammers is to switch on multi-factor authentication, also known as 2FA or 3FA. In the shorter names, the number tells you how many factors of authentication there are: 2 for two, 3 for three, and so on.

Most authentication systems rely on two or three, but you can always ask for more if needed.

The point with multifactor authentication is that you’re making your login require more than just a password. It’s a code sent to a phone number, or a regularly shuffled set of numbers sent to an authentication app, or a physical passkey, or even a software passkey, and so on and so on.

Multifactor authentication is another method to prove you are who you say you are when you log in, and it’s something scammers typically can’t fake. Set it up on your accounts, particularly your most important ones, like Apple, Google, Microsoft, Amazon, banking, and so on. Your MyGov account should have multifactor, too, helping block scammers if they come a knocking.

It’s worth noting that even with multifactor, scammers will always try.

You are just a number, and you represent a dollar figure. If they send 100,000 scam messages out and even one follows through, they’ve made money. If 10 percent falls victim, they’ve made money in a big way. Multifactor or not, scammers are going to try, particularly when it comes to phishing.

When you get phished, you’ll often see a link purporting to be from a major company. However, because scammers can’t use the real website from a company, they’ll often choose something similar or ridiculously outlandish, largely because people don’t check.

So that’s what you need to do: look at the URL. You don’t need to click on it, but you can certainly read it. And if you do happen to click, you can see the actual website URL when it loads, telling you where you are, and practically giving you a reason not to click.

Smishing scams often come with a URL that is designed to look real, yet is anything but. The real dot com is the word or phrase that comes before the “.com”. In this example, it’s clearly a fake, but not every link will be so easy to tell. Read them carefully.
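The same URL check can be done in code. This is an added example, not part of the original article: it pulls out the part of a link that was actually registered and flags any unrecognised host that mentions a brand. The list of official domains, the short suffix list (a stand-in for the full Public Suffix List) and the sample links are assumptions made for the example.

```python
from urllib.parse import urlsplit

# Assumption: the official registrable domains for each brand, picked for this example.
OFFICIAL = {
    "crowdstrike": {"crowdstrike.com"},
    "microsoft": {"microsoft.com"},
}
# Assumption: a tiny stand-in for the Public Suffix List, enough for the samples below.
TWO_LABEL_SUFFIXES = {"com.au", "net.au", "org.au", "gov.au", "co.uk"}


def host_and_domain(url):
    """Return (full host, registrable domain) for a link."""
    # Prefix "//" so scheme-less links copied from an SMS still parse as a host.
    parts = urlsplit(url if "://" in url else "//" + url)
    host = (parts.hostname or "").rstrip(".")  # hostname drops any user@ and :port
    labels = host.split(".")
    keep = 3 if ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES else 2
    return host, ".".join(labels[-keep:])


def check_link(url):
    """Classify a link as 'official', 'lookalike' or 'unrelated'."""
    host, domain = host_and_domain(url)
    if any(domain in domains for domains in OFFICIAL.values()):
        return "official", domain
    # A brand name anywhere in a host we do not recognise is the warning sign.
    if any(brand in host for brand in OFFICIAL):
        return "lookalike", domain
    return "unrelated", domain


# Constructed sample links; only crowdstrike-helpdesk.com is named in the article.
SAMPLES = [
    "https://www.crowdstrike.com/",
    "crowdstrike-helpdesk.com/login",
    "https://microsoft.com.secure-login.example/signin",
    "https://news.example.com.au/outage",
]

if __name__ == "__main__":
    for link in SAMPLES:
        verdict, domain = check_link(link)
        print(f"{verdict:10} {domain:26} {link}")
```

The third sample shows why the words at the start of a link prove nothing: the registered domain is whatever sits immediately before the final suffix.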

Don’t fall victim to the so-called urgency

One of the biggest telltale signs of a scam is urgency, something scammers employ because if we don’t have time to think, we’re more likely to fall victim. That’s one reason why scammers often use the early hours of the morning to target victims: they’ll be groggy, and may think something occurring super early is an emergency.

“By targeting you at these times, scammers maximise their chances of success, exploiting moments when potential victims are not fully alert,” Telstra’s Cyber Security Expert Darren Pauli told Pickr earlier this year.

Urgency is a common trademark of almost every quick scam we see. Longer drawn out scams may not use it, particularly those dealing with investments, but quick scams will, often because they don’t want you thinking.

Don’t believe everything you receive

Importantly, don’t trust everything you receive. Your email and phone number aren’t sacred, and as we’ve said before, “you are just a number”.

Messages will come in purporting to be from real organisations, including Microsoft, Crowdstrike, and even airlines, travel organisations, supermarkets, and so on. If it was affected by the IT outage, there’s a good chance it can make the case, and that may include banks, as well.

Take the messages you receive with a grain of salt, particularly if the user ID is a little on the sketchy side.

When criminals send an SMS, they typically come from a random phone number as opposed to one masked with a legitimate company ID. It’s entirely possible for a scammer to fake these, but scam texts regularly come from unmasked phone numbers being spoofed in the first place.

It’s a similar situation with email scams: much like how scammers can’t use the real website and domain of an actual company, they also can’t use the real domain in an email address. An emailed scam from a big company can’t use the legitimate and real email address, so they’ll often try to mask it.

You, however, can always click the sender field in any email application (on the web or in software) and find the real email address simply by looking.

Stay vigilant against scams before they happen

These trademarks of scams are consistent, and appear in most of the writing and reporting we run on scams. It stays the same because it invariably doesn’t change, and it’s the sort of thing that needs to become muscle memory.

Scam education and internet hygiene are important, and the need for them won’t go away. You have money, and criminals want it.

Unfortunately, software security protection isn’t yet at the point where it can protect you from every cybersecurity threat that’s out there. So you need to do what you can to minimise the impact it has on you, and stay vigilant and aware of what’s happening, even before it happens.
