It was fast. Criminals wasted no time in exploiting the CrowdStrike-Microsoft chaos and quickly began working with phishing organizations and spinning up malicious domains that purported to be patches.
Crowdstrike's mistake, Google strikes back & hackers attack cows
Just hours after a faulty CrowdStrike file shut down Windows machines around the world, reports surfaced of scam emails using the outage as a decoy and otherwise attempting to use the massive outage as a means of conducting criminal activities.
"Some reports we've seen suggest that there may be phishing emails circulating that claim to be from 'CrowdStrike Support' or 'CrowdStrike Security,'" said Johannes Ullrich, research dean of the SANS Technology Institute and founder of the Internet Storm Center .
Although he had no samples to share at the time, "attackers are likely taking advantage of the high media attention," Ullrich added. "Be wary of any 'notes' that may be delivered this way."
