CrowdStrike – Warning for Phishing attempts

July 29, 2024

A word for warning following the recent Crowdstrike IT outage – Cybercriminals are looking to capitalise on the confusion.

Global cybersecurity leader Mimecast is warning consumers about potential scams. While this outage was not caused by a cyberattack or another security incident, the disruption has left small businesses and individuals vulnerable to phishing attacks. Moreover, misinformation around the impact is on the rise, leaving cybercriminals ready to capitalise on the confusion.

Following the Home Affairs Minister’s phishing alert, that you’ve written about, global cybersecurity leader Mimecast is sharing its top seven tips for consumers to protect themselves from phishing threats and protect their personal information and ensure their inbox remains secure:

Consumer tips:

  • Be vigilant of impersonators: Cybercriminals will see this incident as an opportune time to gain access to your data. Be aware of quick-fix and recovery emails with links, attachments and queries asking for your personal information
  • Double-check the sender. An email address made up of random letters and numbers is a dead giveaway of a bulk sender. Phishing emails may display as coming from one sender, but in most email platforms, hovering or clicking over the sender’s name will reveal the true origin address.
  • Eggs, Bacon, and lots of Spam. Be aware of the types of spam in your inbox. Spam comes in many forms: Email, text, social media and voice.
  • Block automatic downloads: Blocking the automatic download of pictures or links in emails prevents spammers from verifying that they’ve contacted a valid address, which they can subsequently sell to other spammers. Blocking downloads is also a good defense against infection from malicious malware that could be lurking in messages.  
  • Turn off email read and delivery receipts: Signed, sealed but not delivered.  Receipts can serve the same function as automatic downloads in confirming a valid address. Turn them off as the default. 
  • Artificial Phishelligence: The world of AI is evolving and unfortunately, so are cyber scams. AI has increased the quality of phishing tricks so it’s important to stay informed on the latest scams.  
  • Report suspicious activity to Scamwatch: Report any suspicious activity whether it’s emails, phone calls, social media messages or text messages. You can file a report at  https://www.scamwatch.gov.au/

ch.