In the hours after American cybersecurity firm CrowdStrike deployed a flawed software update that crippled critical businesses and services around the world, scammers pounced.
Government agencies and businesses have warned that the panic caused by the CrowdStrike crash Friday has given criminals an opening to take advantage of customers who are looking to reschedule flights, access banking information or fix their technology.
Here are some ways to guard against the fraudulent schemes.
Scammers see an opportunity.
CrowdStrike provides cybersecurity for about 70 per cent of Fortune 100 companies, so the crash led to widespread failures that grounded planes, crippled businesses, disrupted 911 emergency systems and delayed banking transactions.
Thieves online are using the confusion to carry out a variety of scams, including phishing attempts, the US Cybersecurity and Infrastructure Security Agency said. The National Cyber Security Center in the United Kingdom issued a similar statement noting that an "increase in phishing referencing this outage has already been observed."
Scammers may look to get your money immediately by offering a product such as a bogus plane ticket. But they could also be after personal identifying data that would allow them to access your finances in the future.
What industries are being targeted?
Because grounded planes caused frustrated customers to look to reschedule their flights, travel has been particularly subject to schemers, said Anton Dahbura, executive director of the Information Security Institute at Johns Hopkins University.
For example, suspicious social media accounts with fewer than five followers have been posing as airline support staff. The accounts reply on social media to customers who are seeking assistance from airlines.
One such account, which posts under the handle @EasyJetHlpdek, joined the social platform X this month and began replying to travelers Friday.
"Please do something about all of these @Delta scam accounts," one social media user posted. "They're making a technical issue worse by attempting to redirect customers to DMs fraudulently."
Some airlines have acknowledged the phishing attempts.
JetBlue, in response to a post on X about fraudulent accounts, wrote that the company was "aware of the impersonating accounts and report them as we see them hoping that Twitter will bring them down."
The cybersecurity industry also appears to be the target of scams.
CrowdStrike said on its blog that it was aware of groups impersonating CrowdStrike support. These groups send users files to download with the promise that, once opened, they will fix the crash. Instead, the files contain malware.
Because the effects of the crash have been so widespread, few industries are safe.
"It can be just about anything, unfortunately," Dahbura said. "It can be anything, anyone, at any time."
Here's how to recognize a scam.
Scammers will often ask for information that a verified company already knows about you, or details that it does not need at all, Dahbura said.
On social media, the verified X account for Delta asked customers struggling with their flights to message the company's account with their full name, confirmation number, cities of travel and dates of travel.
That information is less sensitive than asking for someone's date of birth, home address or Social Security number, which a fraudulent account might seek.
Poor grammar and spelling on social media and in texts and emails can also be a sign of a fraudulent account. Also, check the location where a phone call or message originates, but keep in mind that it is also often difficult to recognize impostors.
"They have become incredibly clever," Dahbura said.
Don't give in to quick-fix impulses.
Think twice before giving anyone your personal information over the phone, and look closely at a link before providing credit card information for an online purchase.
During a disruption on the scale caused by the CrowdStrike crash, customers can feel desperate. That desperation, in turn, can fuel demand for a quick-fix solution.
Although it may take longer for a response from a verified business, Dahbura said it is better to spend the extra time than to take a chance on what might be a phony offer of help.
"There is a balance between careful and being paranoid," he said, "and you almost have to start verging on being paranoid."