A recent global IT outage impacted millions of devices and gave rise to numerous phishing scams. On Friday, a faulty software update from CrowdStrike led to a widespread IT outage affecting 8.5 million devices running Microsoft’s Windows operating system.
While this accounts for less than 1 per cent of all Windows-based machines, the outage caused significant disruptions globally. Online banking portals, air travel, and healthcare systems were among the services severely impacted by this event.
David Weston, a Microsoft cybersecurity executive, commented on how unusual an event of this scale is, stating, “Such a significant disturbance is rare but demonstrates the interconnected nature of our broad ecosystem.”
Meanwhile, CrowdStrike CEO George Kurtz highlighted the urgency of addressing the outage and warned of potential exploitation by malicious actors: “We know that adversaries and bad actors will try to exploit events like this. Our blog and technical support will continue to be the official channels for the latest updates.”
How the IT outage gave rise to scams
In the wake of the outage, cybercriminals quickly began exploiting the situation. Various cybersecurity agencies, including the UK’s National Cyber Security Centre (NCSC) and Australia’s Signals Directorate (ASD), issued warnings about phishing attempts and scams.
These scams primarily involve malicious actors posing as CrowdStrike employees or other tech specialists, offering fake assistance to those recovering from the outage.
The NCSC reported a noticeable increase in phishing attempts related to the outage. Scammers are taking advantage of the chaos by pretending to offer help from CrowdStrike or Microsoft. These phishing attempts often involve emails, calls, or websites claiming to provide fixes for the outage.
However, these so-called fixes lead to the downloading of malicious software or the theft of personal information. The ASD specifically warned of hackers sending out bogus software fixes purportedly from CrowdStrike. “Alert! We understand a number of malicious websites and unofficial code are being released claiming to help entities recover,” the ASD notice warned.
Responding to the ASD warning, Troy Hunt, a well-known cybersecurity expert, pointed out the opportunistic nature of scammers in such situations. “An incident like this that has commanded so many headlines and has people worried is a gift to scammers,” he said.
This incident is about so much more than just downed PCs, for example the inevitable scams that are now attempting to exploit the fear people are holding onto https://t.co/RbsqUfrk4N
— Troy Hunt (@troyhunt) July 20, 2024
This sentiment was echoed by other experts who noted the rapid increase in CrowdStrike-themed domain registrations.
How are the scams being conducted?
One common tactic involves sending emails or messages claiming to be from CrowdStrike, offering a fix for the outage. These messages often contain links to malicious websites or attachments that install malware on the victim’s device.
Another prevalent scam is phone calls from individuals pretending to be tech support from CrowdStrike or Microsoft, asking for personal information or remote access to the victim’s computer.
In Latin America, there have been numerous attempts by scammers to trick individuals into downloading malicious software by posing as CrowdStrike employees. These scams are particularly dangerous because they exploit the urgency and confusion caused by the outage, making victims more likely to fall for the ruse.
Hackers are creating fake websites that appear official to trick IT managers and the public into downloading harmful software or revealing sensitive information.
How to protect yourself from such scams
To protect yourself from these scams, it is crucial to follow several precautionary steps. First, always verify the source of any communication related to the outage. If you receive an email, message, or call claiming to be from CrowdStrike or Microsoft, do not respond directly. Instead, visit the official website of the company and check for any announcements or updates.
Scammers often create a sense of urgency to pressure victims into acting quickly without verifying the authenticity of the communication. Catriona Lowe, deputy chair of the Australian Competition & Consumer Commission, warns, “These scammers often create a sense of urgency that you need to do what they say to protect your computer and your financial information.”
It is essential to slow down and take the time to verify any requests for personal information or actions.
If you encounter a suspected scam, report it to the relevant authorities. Different countries have designated websites for reporting scams. In Australia, individuals can report scams to Scamwatch. In the UK, concerns can be sent to report@phishing.gov.uk. In the US, instances of fraud can be reported to the US Federal Trade Commission. Reporting scams helps authorities track and address these fraudulent activities.
Special attention should be given to vulnerable groups, particularly older adults, who are often targeted by scams. The US National Institute of Aging advises checking in with older friends and family to ensure they are aware of the potential threats and know how to protect themselves.
Clare O’Neil, Australia’s Minister for Home Affairs and Minister for Cyber Security, said, “It is very important that Australians are extremely cautious of any unexpected texts, calls or emails claiming to be assistance with this issue.” She also urged people to help protect vulnerable individuals, including elderly relatives, by making sure they are extra cautious during this time.
What was the global impact of the outage?
The outage’s impact was felt across multiple sectors, including travel, healthcare, and banking. The interconnectedness of global digital infrastructure meant that the outage had widespread repercussions.
Airlines were among the hardest hit by the outage. By Friday, more than 5,100 flights were canceled worldwide, with the number decreasing to around 1,500 by Saturday.
In India, three major airlines – IndiGo, SpiceJet, and Akasa Air – were facing significant technical issues due to the outage. The US experienced significant disruptions, with Delta Air Lines and United Airlines facing the most cancellations.
Delta canceled more than 800 flights, while United dropped nearly 400. The situation at Hartsfield–Jackson Atlanta International Airport, where Delta is the dominant carrier, was particularly chaotic, with thousands of passengers stranded and many spending the night at the airport.
Healthcare systems globally reported significant issues due to the outage. Many hospitals and clinics experienced canceled surgeries, restricted access to patient records, and even closures.
Cedars-Sinai Medical Center in Los Angeles made “steady progress” in restoring services but acknowledged ongoing efforts to fully recover. In Austria, Harald Mayer, vice president of the Austrian Chamber of Doctors, drew a lesson for hospitals, stating, “The outage showed that hospitals need analog backups to protect patient care.”
Online banking portals were also affected, leading to delays in financial transactions. The outage’s impact on the banking sector underscored the importance of robust cybersecurity measures and the vulnerabilities within interconnected digital systems.
Government cybersecurity agencies across the globe, including America’s Cyber Defense Agency and Australia’s National Anti-Scam Centre, issued warnings for consumers to be wary of scams during this time.
With inputs from agencies