Defending Against the Scam-Filled Fallout From Digital Disruptions

Fraudsters are drawn to compromised digital ecosystems like ants to a picnic.

Bad news for companies creates opportunities for criminals — with disruptions like the recent CrowdStrike and Microsoft outage offering a perfect cocktail of urgency, uncertainty and money movement for scammers and fraudsters to exploit.

Against this backdrop, it is becoming increasingly critical for businesses to adopt a multi-faceted approach to prepare for and mitigate scams arising from digital disruptions.

The CrowdStrike failure was one of the largest IT disruptions in history, impacting a variety of critical global sectors including airlines, financial services, retailers and more. Per a Tuesday (July 30) report, the incident spurred opportunistic behaviors among scammers and malware creators, ranging from domain spoofing to artificial intelligence (AI) voice scams, phishing attempts and more.

The cyber threat landscape necessitates a proactive approach to cybersecurity. By understanding the threats and implementing comprehensive security measures, businesses can safeguard their operations from digital disruption.

The Long Reach of the Cyber Failure 

As PYMNTS reported last Wednesday (July 24), CrowdStrike Intelligence has been monitoring a surge in malicious activity that leveraged the disruption event as a lure.

The company said it had received reports that threat actors are conducting activities such as sending phishing emails posing as CrowdStrike support to customers; impersonating CrowdStrike staff in phone calls; posing as independent researchers, claiming to have evidence the technical issue is linked to a cyberattack and offering remediation insights; selling scripts purporting to automate recovery from the content update issue; and registering malicious domain spoofing sites.

One of the most prevalent forms of cybercrime that has evolved with digital transformation is domain spoofing, often a precursor to phishing attacks. Domain spoofing involves creating a website that closely resembles a legitimate business’s site, tricking customers into believing they are interacting with a trusted entity. Cybercriminals use these spoofed domains to steal sensitive information such as login credentials, credit card numbers and personal data.

Some domains already flagged as malicious from the CrowdStrike event include crowdstrikefix[.]com; crowdstrike-helpdesk[.]com; and crowdstrikebsod[.]com.
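For defenders, the three flagged domains share one trait: the brand name sits inside a registrable domain the brand does not own. The following is an added example, not part of the original report, of a triage check for hostnames seen in mail or proxy logs. The allowlist, the naive last-two-labels rule, the edit-distance threshold of 2 and the constructed sample entries are all assumptions.

```python
import re

BRAND = "crowdstrike"            # brand label to protect
LEGIT = {"crowdstrike.com"}      # assumption: the organisation's own allowlist

def refang(indicator: str) -> str:
    """Turn a defanged indicator (hxxp://, [.]) into a plain lowercase hostname."""
    s = indicator.strip().lower().replace("[.]", ".").replace("hxxp", "http")
    s = re.sub(r"^[a-z]+://", "", s)
    return s.split("/")[0].split(":")[0].rstrip(".")

def registrable(host: str) -> str:
    """Naive last-two-labels rule; production code should use the Public Suffix List."""
    return ".".join(host.split(".")[-2:])

def edit_distance(a: str, b: str) -> int:
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(indicator: str) -> str:
    """Label one hostname relative to the protected brand."""
    host = refang(indicator)
    domain = registrable(host)
    if domain in LEGIT:
        return "legitimate"
    label = domain.split(".")[0]
    if BRAND in label.replace("-", ""):
        return "brand-embedded"      # brand plus an extra word such as "fix"
    if any(edit_distance(part, BRAND) <= 2 for part in label.split("-")):
        return "typosquat"           # near-miss spelling of the brand
    if BRAND in host:
        return "brand-in-subdomain"  # brand used only as a left-hand label
    return "unrelated"

SAMPLE = [
    "crowdstrikefix[.]com", "crowdstrike-helpdesk[.]com", "crowdstrikebsod[.]com",  # from the article
    "hxxps://www.crowdstrike[.]com/blog", "crowdstrlke[.]com",                      # constructed
    "crowdstrike.com.login-portal[.]example", "example[.]org",                      # constructed
]

if __name__ == "__main__":
    for item in SAMPLE:
        print(f"{classify(item):20} {item}")
```

Anything other than `legitimate` or `unrelated` is a candidate for blocking and for a takedown or abuse report.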

Phishing and so-called “spear phishing,” types of scam that have been covered here at PYMNTS, involve sending deceptive emails that appear to come from reputable sources. These emails often contain links to spoofed websites or attachments that, when clicked, install malware on the victim’s device. In recent years, the sophistication of these attacks has increased, with criminals employing techniques reliant on other advanced innovations like AI.

Navigating the New Frontier of Digital Threats

As artificial intelligence (AI) continues to evolve, so too do the methods employed by cybercriminals. One of the more alarming developments is the use of AI to create deepfake audio and voice scams. These scams involve the use of AI to mimic the voices of executives or trusted individuals within an organization, tricking employees into transferring funds or disclosing sensitive information.

The technology behind deepfake audio has become increasingly sophisticated, making it challenging to discern between genuine and fraudulent communications. This form of social engineering leverages the trust placed in verbal communications and the authority of the impersonated individuals, making it a potent tool in the cybercriminal’s arsenal.

Malware, or malicious software designed to damage or exploit computer systems, has been a longstanding threat. However, digital disruptions have exacerbated the risks by increasing the number of potential entry points for these attacks. Business customers using digital platforms for transactions, communications or cloud storage are particularly vulnerable.

Given that many cyber threats exploit human vulnerabilities, employee training and awareness programs are critical. Staff should be educated on recognizing phishing attempts, the importance of secure password practices and the potential risks associated with social engineering tactics.

After all, the fallout from the CrowdStrike disruption is not the first time fraudsters have taken advantage of an unfortunate situation.

As PYMNTS reported last spring after the collapse of Silicon Valley Bank (SVB), cybercriminals are constantly looking to capitalize on the confusion caused by a crisis, exploiting the fear-driven climate with behavioral-driven fraud tactics.

“You’d be shocked at how many people are trying to scam off [this situation],” David Tabachnick, chief financial officer at HungerRush, told PYMNTS at the time.
