CrowdStrike says 'threat actors' are already trying to scam people looking for computer system help

Worldwide IT outage brings out bad guys, solution proposals

CrowdStrike CEO warns of scammers, social engineers
Think before responding, says Australia’s Home Secretary
Microsoft offers restore point strategy

Updated: Jul 19, 2024 / 11:31 PM CDT

A blue screen for an inaccessible website on a laptop computer following reports of a major global outage. Photographer: Andrey Rudakov/Bloomberg via Getty Images

(NewsNation) — The cybersecurity firm CrowdStrike is warning those affected by the worldwide IT outage to beware of “threat actors” trying to capitalize on the situation with a variety of scams.

“I encourage everyone to remain vigilant and ensure that you’re engaging with official CrowdStrike representatives,” CrowdStrike CEO George Kurtz said in a statement.

CrowdStrike’s website offered details of the possible threats, including a long list of scammer websites already in operation.

“Crowd strike doomsday,” “crowdstrike fix,” “crowstrike outage” and “crowdstrike blue screen” are among the sites that CrowdStrike, itself, says are trying to impersonate the company, or “may support future social-engineering operations.”

CrowdStrike is warning users to beware of sites that are:

Sending phishing emails posing as CrowdStrike support to customers
Impersonating CrowdStrike staff in phone calls
Posing as independent researchers, claiming it’s a cyberattack and offering help
Selling scripts purporting to automate recovery from the content update issue

Australia’s Cyber Security Centre is alerting users about fake websites offering phony fixes. The country’s Home Affairs Minister Clare O’Neil, issued a blunt warning Friday.

“If you see an email. If you see a text message that looks a little bit funny, that indicates something about CrowdStrike or its outages, just stop,” she said.

“Don’t put in any details. If someone has called you and is suggesting that they’re going to help you, talk you through a reboot of your system, I would hang up the phone. So just have a think about whether it makes sense.”

Meanwhile, IT staffers around the world will be busy for days, perhaps weeks, as they try to recover from the outage symbolized by the “blue screen of death,” the solid blue screen with a text message that has been the bane of Microsoft users for decades.

As for what you can do fight now, Microsoft suggests you restore your system to a point before the CrowdStrike update went out, like sometime Thursday. The company is sharing directions for how to manually restore a system.

But that means that all changes — data, documents, app installations, configurations, etc. — made after the restore point and before the outage will be lost.

Microsoft says some customers using its Azure cloud were able to fix their systems by repeatedly rebooting them, sometimes as many as 15 times.

That, however, will require “manual intervention to each individually impacted device,” Brian Honan, founder of Ireland’s Computer Emergency Response Team, told Forbes.