Quick Links
Whenever something big happens in the technology world, scammers are not far behind. The 2024 CrowdStrike outage is no different, and while the issues have been mostly sorted out, scammers are hot on its heels, peddling their latest tricks.
So, here’s what’s going on with the CrowdStrike repair email and why you should ignore it.
What Is CrowdStrike?
CrowdStrike is a global cybersecurity company whose clients include some of the world’s biggest companies. Companies that can’t risk data loss or having their systems compromised usually invest in something a little beefier than theWindows antivirus appsthat you and I use on our personal computers, which is where expert organizations like CrowdStrike are required.
CrowdStrike is one of the more popular options for businesses, offering defense against hackers trying to gain access to vital systems, endpoint security, threat intelligence, and cyberattack response services. Given that the loss of these vital systems could cost companies millions of dollars at best or human lives at worst, companies need the best security they can get.
The CrowdStrike outage happened when the security firm pushed a bad update to companies worldwide. This update caused Windows computers to suffer aBluescreen of Deathloop when they booted up and rendered the affected systems unusable. This caused chaos worldwide, from canceled flights to important hospital software going offline. Furthering the issue, most affected computers needed to be reset and rebooted manually, adding millions of hours of downtime to vital systems.
What Is the CrowdStrike Repair Email?
As you might imagine, the CrowdStrike bug caused companies to panic. Many were looking for solutions from either Microsoft or CrowdStrike, both of which eventually published updates and tools to help PCs get back on track. Unfortunately, where there’s widespread panic, scammers aren’t far behind.
CrowdStrike identified a scam making the rounds that uses the latest outage as part of its bait. As described on theCrowdStrike blog, scammers took a copy of Microsoft’s advice on how to fix a computer affected by CrowdStrike. They then pasted it into a Word document and added aWord macrodesigned to download the Daolpu malware onto the target PC. They then email the infected Word document to people in hopes of getting a catch.
When someone receives the email with the infected Word document, they download it to learn how to fix the CrowdStrike bluescreen error. If they enable Word macros, the Daolpu malware downloads onto the victim’s PC. From here, Daolpu steals cookies and login details from the victim’s browser and sends them back to the scammer.
What to Do If You Receive a CrowdStrike Repair Email
Fortunately, the CrowdStrike repair email scam requires quite a bit of interaction to trigger. You’ll not only need to receive the email, but you also need to download the Word document and also enable macros. Some quality antivirus apps will detect if a Word document contains macros and will block the download before it even arrives.
Even if it does land on your PC, Word will warn you that the document contains macros and won’t let you enable them without your explicit permission. This scam makes for a good learning experience for a common rule of thumb: if you don’t know where the Word document came from, never enable macros. Who knows what’s lurking in there?
Should You Worry About CrowdStrike?
If you receive a CrowdStrike repair email, you may wonder: Will the CrowdStrike flaw affect my PC? Fortunately, if you’re reading this from your personal computer, I can guarantee that you’re not affected by CrowdStrike at all.
Remember, CrowdStrike is a business-orientated security suite designed to help organizations protect themselves. There’s an extremely high chance that your personal computer does not use CrowdStrike as its antivirus; it’d be like putting bulletproof glass on your everyday car. And because you don’t have CrowdStrike on your system, you’re unaffected by the recent outage.
If anyone claims that your PC is under threat because of CrowdStrike, there’s a high chance they’re trying to scare you into doing whatever they say. Don’t believe them; CrowdStrike is not a hidden service on your Windows PC, nor is it something you’d usually download on a personal PC.
The CrowdStrike repair scam is pretty nefarious, capitalizing on fear to spread malware. Fortunately, if you receive it on your personal computer, you have nothing to worry about. If you are using it, don’t trust a random email; instead, useMicrosoft’s recovery toolor readCrowdStrike’s documentation on the outagefor more information.
