How Can Bolster Help Combat Phishing After the CrowdStrike Incident?

July 24, 2024

In the wake of the recent CrowdStrike software incident, cybersecurity firm Bolster has observed a significant surge in malicious activity. Bolster, using its free CheckPhish site, reported that over 40 phishing and phony lookalike domains were established within the first 24 hours following the breach. The CrowdStrike incident has prompted cybercriminals to quickly devise new methods to exploit the situation, leading to a sudden spike in these deceptive domains. With CheckPhish, companies and individuals can now scan URLs in real-time, employing an array of machine learning algorithms to identify potential threats. This timely detection provides crucial support in monitoring phishing attacks, typosquats, and other lookalike domain variants, helping to keep organizations secure in an increasingly hostile digital landscape.

1. Security personnel should incorporate the list of lookalike domains into their email protection and web security gateway blocklists to avert business email compromise (BEC) assaults or phishing messages to employees.

One of the first steps that security teams must take to mitigate the risk of phishing attacks following the CrowdStrike incident involves incorporating a list of known lookalike domains into their existing security systems. By updating email protection and web security gateway blocklists with these suspicious domains, organizations can preemptively block potentially harmful communications. This proactive approach aims to prevent business email compromise (BEC) attacks, which are a common method used by cybercriminals to infiltrate an organization’s internal network by sending disguised emails to employees.

These blocklists become the first line of defense, filtering out emails that come from a fraudulent domain before they reach an employee’s inbox. As attackers continue to create new lookalike domains, maintaining an updated list helps to constantly guard against the threat. Regularly revising these blocklists to include recently identified phishing websites can diminish the likelihood of an employee unknowingly interacting with a malicious email. Ensuring that these updates occur frequently and consistently is critical for maintaining the security of communication channels.

2. Carefully verify URLs and domains prior to submitting information, particularly if they were received through an email or a text message.

Another essential strategy to combat phishing is for users to exercise meticulous caution when verifying URLs and domains before entering any sensitive information. Phishing attacks often rely on the recipient’s lack of scrutiny, exploiting common misspellings or slight variations in domain names to deceive users into believing they are on legitimate websites. This kind of social engineering attack can be very effective, making it crucial for everyone to double-check URLs and domains prior to engagement, especially if the link was received via email or SMS.

Taking a moment to hover over a hyperlink to view its actual URL or typing the web address directly into the browser can reduce the chances of falling prey to phishing scams. Users should also be wary of pop-ups and redirects that seem out of place, which are often signs of a malicious attempt to steal information. By fostering a culture of vigilance and skepticism, organizations can significantly reduce the number of successful phishing attacks that target their employees.

3. Use Google or Bing to search for legitimate contact or support channels. CrowdStrike and Microsoft maintain official support channels and phone numbers on their websites: crowdstrike.com and microsoft.com.

A reliable method to avoid being duped by phishing scams is to use search engines like Google or Bing to find legitimate contact or support channels directly from the official websites. For instance, companies like CrowdStrike and Microsoft have dedicated support channels and contact information available on their websites, which can be easily found by performing a quick search on recognized search engines. This practice ensures that users are interacting with verified entities rather than falling victim to fraudulent sources.

Searching for official contact information rather than relying on details provided in unsolicited emails or messages can significantly reduce the risk of engaging with scam artists. Authentic websites for these companies will often have SSL certificates, denoted by “https” in the URL, providing an additional layer of security assurance. Encouraging employees to utilize search engines for such information also serves as an educational measure, enhancing their awareness and ability to recognize genuine support avenues.

4. Exercise caution before accepting unsolicited assistance via email or phone. It is almost impossible to differentiate between authentic help and a tech support scam.

With the rise in phishing attempts disguised as technical or legal assistance, it is imperative that individuals exercise extreme caution before accepting any unsolicited offers of help, whether received via email or phone. Cybercriminals frequently pose as legitimate support representatives, utilizing convincing language and professional appearances to gain the victim’s trust. Given how sophisticated these scams have become, distinguishing between genuine offers of help and tech support scams is extraordinarily challenging.

Therefore, users should be highly skeptical of any unsolicited communication, even if it appears to come from a reputable organization. It’s best to independently verify the authenticity of the support offered by contacting the organization directly through their official channels rather than responding to the unsolicited request. This practice helps in avoiding potential scams that often result in compromised personal or corporate data. Employees should be instructed to report such incidents to their IT department immediately for appropriate action and increased vigilance.

5. If you come across a phishing site or receive a scam call, report it to your company’s IT department and CrowdStrike’s website. Add the scam to the active list here, and increase community awareness about it.

A key strategy to combat phishing involves users exercising extreme caution when verifying URLs and domains before inputting any sensitive data. Phishing attacks often hinge on the recipient’s lack of meticulousness, using common misspellings or slight variations in domain names to trick users into thinking they are on legitimate websites. This form of social engineering can be highly effective, making it essential for everyone to double-check URLs and domains before proceeding, particularly if the link arrived via email or SMS.

Taking a second to hover over a hyperlink to see its actual URL or manually entering the web address into the browser can significantly decrease the risk of falling victim to phishing scams. Users should also be cautious of unexpected pop-ups and redirects, which are common indicators of malicious attempts to steal information. By fostering a culture of vigilance and skepticism, organizations can drastically cut down the number of successful phishing attacks targeting their employees. Cybersecurity awareness and proactive measures are key to maintaining a secure online environment.

Subscribe to our weekly news digest!

Join now and become a part of our fast-growing community.

Invalid Email Address
Thanks for subscribing.
We'll be sending you our best soon.
Something went wrong, please try again later