Windows CrowdStrike Issue: CERT-In Warns Of 'Phishing Campaign' Targeting Affected Online Users; How To Be Safe

Indian Computer Emergency Response Team (CERT-In) warns users of cybersecurity incidents in the country at regular intervals. Functioning under the Ministry of Electronics and Information Technology, Government of India, the national nodal agency has warned users of a phishing campaign that is leveraging the recent Microsoft Windows CrowdStrike outage to target affected users.

For context, the faulty update to the CrowdStrike Falcon sensor led to the crashing of the Microsoft Windows systems on July 19. While Microsoft and Windows have shared official fixes, CERT-In shared that a phishing campaign targeting the affected users are ongoing to conduct malicious activities. As per the advisory, bad actors may send phishing emails to impersonate CrowdStrike staff to customers.

Also Read: Windows CrowdStrike Update: CERT-In Issues Advisory On Microsoft Windows Disruptions, Shares Fix For Affected Users

Not only written communication, impersonation on phone calls is also a recent concern. Moreover, the campaign also involves the sale of software scripts for automatic repairs of the CrowdStrike update issue. Plus, hackers may also share trojan malware disguising them as recovery tools. "These attack campaigns could entice an unsuspected user to install unidentified malware, which could lead to sensitive data leakage, system crashes and data loss," CERT-In noted.

Windows CrowdStrike Phishing Campaign: How To Be Safe?

The Indian cyber agency said organisations should configure their firewall to block connections to fake URLs that aim to fix the CrowdStrike outage. Secondly, users should only apply the official patch offered by CrowdStrike and Microsoft. CERT-In added that users should not browse suspicious websites or interact with harmful links.

You should not run '.exe' files received from unknown or suspicious sources. Plus, users must only download apps and files from trusted sources. Avoid sharing personal details with suspicious mobile numbers. Do research about the phone number from a caller ID service and their message online. Before opening websites, make sure to cross-check the domain.

Also Read: Windows CrowdStrike Issue: Microsoft Launches USB Recovery Tool To Help You Repair Affected Systems Faster | Step-By-Step Process

You must also consider installing safe browsing tools and an antivirus. CERT-In added that users should remain suspicious of shortened links and check for the webpage preview before opening the link. Lastly, the agency also said users must check the encryption certificates of a website before entering personal information or login credentials.