|
Bolster Detects Spike in Phishing Sites Following CrowdStrike Incident, Offers Free CheckPhish Tool for Protection
Friday, July 26, 2024
Cybersecurity and Infrastructure Security Agency (CISA) warns that threat actors are taking advantage of recent IT outage via phishing scams and other malicious activity
SANTA CLARA, Calif., July 22, 2024 /PRNewswire/ -- Bolster, a leader in multi-channel phishing protection, today announced that its free CheckPhish site, one of the most popular phishing and scam detection sites on the internet, has detected a spike in malicious activities, with more than 40 phishing and phony lookalike domains created in the first 24 hours following the CrowdStrike software incident.
CheckPhish is a free, real-time URL scanner that uses an array of machine learning algorithms to determine if a site is malicious or not. Since its inception in 2018, it has scanned more than 6.5 billion URLs. With CheckPhish, you can scan suspicious URLs and monitor for typosquats and lookalikes variants of a domain.
"We have been watching the reality behind the CISA's warning play out in real-time. In the early hours of July 19, scammers began trying to lure victims into various scams. Within the first 24 hours, more than 40 typosquat domains were targeting CrowdStrike users and had been added to the CheckPhish site," said Abhilash Garimella, vice president of Research at Bolster. "A typosquat, or lookalike domain, resembles a legitimate domain but with variations, such as common misspellings or additional characters. These domains are meant to deceive users into believing they are visiting a trusted site when, in fact, they are being redirected to a fraudulent one."
Bolster has identified multiple types of phishing scams already, from malicious domains offering technical or legal support, to CrowdStrike crypto tokens, and sites still under construction. The CheckPhish community has created a growing list of 'CrowdStrike' typosquats that can be found here.
5 Tips to Protect Organizations and Employees
1. Security teams should add the list of typosquat domains to their email
security and web security gateway blocklists to prevent business email
compromise (BEC) attacks or phishing emails to employees.
2. Double-check URLs and domains before entering information, especially if
they were sent via an email or an SMS.
3. Google or Bing search for official contact or support channels.
CrowdStrike and Microsoft have official support channels and phone
numbers on their websites: crowdstrike.com and microsoft.com.
4. Be cautious before accepting unsolicited help via email or phone. It is
nearly impossible to distinguish between real help and a tech support
scam.
5. If you encounter a phishing page or a scam call, report it to your
company's IT department and CrowdStrike's website. Add the scam to the
active list here, and raise community awareness of it.
Visit CheckPhish to scan suspicious URLs and monitor for typosquatting, or URL hijacking, and lookalike variants of a domain. To learn more, please visit www.bolster.ai.
About Bolster
Bolster's mission is to make the internet a safer place by detecting, taking down, and monitoring phishing, fraud, and scam activity across the web, social media, app stores, and the dark web. Within milliseconds, Bolster renders a verdict using LLMs and the largest structured phishing dataset in the industry - delivering multi-channel phishing protection with near-perfect precision and at scale. To learn more, go to www.bolster.ai.
View original content to download multimedia:https://www.prnewswire.com/news-releases/bolster-detects-spike-in-phishing-sites-following-crowdstrike-incident-offers-free-checkphish-tool-for-protection-302202234.html
SOURCE Bolster
|
|
|
|
Binary Defense Selected as 2024 SC Awards Finalist for Best Threat Detection Technology | Sep 7, 2024
|
|
Smart TV Market to Reach $497.3 Billion, Globally, by 2033 at 9.5% CAGR: Allied Market Research | Sep 7, 2024
|
|
Metron and Cellula Robotics Complete a Series of In-Water Demonstrations for Multi-National Defense and Commercial Customers | Sep 7, 2024
|
|
General Dynamics Mission Systems Awarded $491.6 Million Design and Development Contract for Space Development Agency's Ground, Management and Integration Program | Sep 7, 2024
|
|
Strider Technologies Opens Tokyo Office to Support Growing Demand for Economic Security Solutions in Japan and Asia Pacific | Sep 7, 2024
|
|
Stottler Henke's MARS Scheduling System Enters Operational Use by the U.S. Space Force | Sep 7, 2024
|
|
Generative AI market to reach US$1.5 trillion by 2030 with Taiwan holds hardware advantage; software and services to see promising future, says DIGITIMES Research | Sep 7, 2024
|
|
Safes and Vaults Market to Reach $18.7 Billion, Globally, by 2032 at 9% CAGR: Allied Market Research | Sep 7, 2024
|
|
Azentio to lead insurance technology modernization through the acquisition of intellectual property and other assets of Kuwait-based Pysurance and iMOTOR | Sep 7, 2024
|
|
Paysemble(TM): Opus Technologies Delivers Plug & Play Payment Integration Solutions | Sep 7, 2024
|
|
|
|