A new distinctly pinpointed phishing, phishing and imposter activity has emerged in the aftermath of a crowd-affiliated security firms evidently well publicized collapse, and recovery of services. The outage caused “Mayhem around the world”, cried the newspapers. As the security collapse affected airports, hospitals, communication and emergency services in multiple countries, a new phishing boom, attempting to leverage the situation and to imposter the security company, was on the rise. As the threat looms, so is the need for a reliable shield against it. E.D.E. Technology-Commercial Director emphasized: “The Swissbit iShield Key series offers the strongest authentication, simultaneously simple, secure, and flexible. It actively protects users from online attacks, such as phishing, social engineering, and account takeover“.
A counterstrike against the strike? “Inadvertently caused mayhem around the world”, “Cyber-security experts and agencies around the world are warning people about a wave of opportunistic hacking attempts linked to the IT outage”, “crashed systems worldwide, with online banking portals and air travel among the services impacted”. These are just a few of the first words of the worldwide regarding Crowdstrike’s Falcon services collapse and aftermath. The security firm’s services outage, due to a faulty software update, affected 8.5 million windows devices, according to a TIME magazine report. Now, a concern, from government-affiliated agencies and from Crowdstrike itself, had risen about the backlash of the event in the cyber world. specifically, that hostile players might capitalize on the event to lure in those affected regarding the resulting confusion surrounding malicious cyber activity. WIRED magazine, an American tech news outlet, reported that researchers on Friday afternoon began warning that attackers are reserving domain names and starting to up and roll websites and other infrastructure to run “CrowdStrike Support” scams targeting the company’s customers and anyone who might be impacted by the chaos. Furthermore, CrowdStrike’s own researchers also warned about the activity on Friday and published a list of domains seemingly registered to impersonate the company.
The WIRED article, aptly titled “don’t fall for Crowdstrike Outage Scams”, stated that researchers, including those from CrowdStrike intelligence, have thus far seen attackers sending phishing emails or making phone calls where they pretend to be CrowdStrike support staff and selling software tools that claim to automate the process of recovering from the faulty software update. Some attackers are also pretending to be researchers and claiming to have special information vital to recovery—that the situation is the result of a cyberattack, which it’s not. In the same time, the BBC published that British and Australian Cyber agencies warned their citizens to stay vigilant. The TIME report also stated that US agencies, Crowdstrike officials, emphasized that same notion.
And what better way to shield one self from a phishing scheme than to get a shield neatly, and specifically, designed to defend against it? Meet your shield. Your iShield. The iShield Key FIDO2, or is more “packed” brother the iShield Key Pro are your keys for a safer technological tomorrow. The brainchild of memory Storage tech visioner Swissbit, the iShield Key product family offer the best simple, secure, and flexible go-to solutions in one splendid “casing”. As compromised credentials are the most common cause of malicious attacks, accounting for 61% of breaches, the iShield Key family protects user from online harm by a variety of Multi-Factored Authentication (MFA) options as it is compatible with all FIDO2-complaint websites and services such as Google, Microsoft, Amazon and many more. This one-for-all key for security offers USB and NFC connectivity for multiple uses. In its Pro version, the iShield key offers not only the FIDO2 but Hash messaged authentication code-based one-time password (HOTP), Time-based One-Time Password (TOTP) or Personal Identity Verification (PIV). Not to mention its capability to be OpenSC compatible. As MFA is essential, these keys for a secured future are available in USB A and USB C settings, just take your pick.
Dr. Eran Weis, Technology-Commercial Director of Swissbit’s partner E.D.E. electronics, stated: “in its first quarter of 2024 phishing activity trends report, APWG mentioned, black on white, the fact that the identity theft technique known as ‘business e-mail compromise’, abbreviated BEC, was responsible for $2.9 billion dollars in losses in the U.S. in 2023 according to an FBI’s internet Crime Complaint Center”, and explained: “It was also added that this quarter had the lowest quarterly phishing attacks total since Q4 2021. With recent events, apparently this trend is bound to change. As the Swissbit iShield Key is compatible to worldwide cybersecurity regulations such as the NIS-2 in the EU and the zero-trust strategy outlined by the OMB for US agencies- it is fully ready to operate as a cyber shield to those who want great protection”. The iShield key solutions family is well versed in all storage secured. More than just another FIDO2 stick, its ability “to double” as a physical access control tool makes it unique in the market, especially with the impending adoption of FIPS 140-3 standards, thus ensuring one of the highest levels of cryptographic security ever made.
“Compromised passwords are the most common cause of malicious attacks, accounting for 61% of breaches. The Swissbit iShield Key series offers the strongest authentication, simultaneously simple, secure, and flexible. It actively protects users from online attacks, such as phishing, social engineering, and account takeover“ emphasized Dr. Weis.
That’s warranted as the threat is still looming. Crowdstrike’s own intelligence listed in a statement approximately 30 “fresh” domains that are or will potentially be part of scam operations taergeting the company’s affected clients. According to Windows, although the fallout affected only less than 1% of all windows operated machines, the machines affected included online banking portals, air travel and airport services. In Israel in particular, the outage caused a formidable fallout as it affected communication platforms such as the Israel Electric Corporation (IEC) emergency hotline, as well as services in a series of government-led public hospitals.