AUSCERT has issued a critical warning that cyber criminals are exploiting the disruption caused by the CrowdStrike outage.
AUSCERT cited reports from "cybersecurity experts and industry analysts" that suggest cyber criminals are using the outage window to launch phishing campaigns and other malicious activities.
"These efforts aim to exploit emotions such as fear or urgency to manipulate users into making quick, uninformed decisions. This tactic aims to bypass users' critical thinking and make fraudulent schemes more successful," AUSCERT said in a statement.
The organisation said phishing attacks have involved cybercriminals impersonating CrowdStrike support communications, including phone calls.
AUSCERT also claimed cyber criminals have posed as independent researchers to falsely assert evidence linking the CrowdStrike technical issue to a cyberattack and offer supposed remediation insights and marketed scripts claiming to automate recovery.
"In response to these developments, cybersecurity organisations and authorities have issued advisories urging heightened vigilance. Users are encouraged to verify the authenticity of communications, especially during service disruptions, and to adhere strictly to official channels for updates and support," AUSCERT said.
"CrowdStrike has shared a list of domains impersonating CrowdStrike's brand during the outage. While some domains in this list are not currently hosting malicious content and may be intended to amplify negative sentiment, they could potentially support future social-engineering operations."
.png&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
