ACCC warns of scam deluge in wake of CrowdStrike outage

Blue Screen of Death

The Australian consumer advocacy watchdog’s National Anti-Scam Centre has sounded a warning to consumers and small businesses of a potential deluge of “unsolicited calls, emails or messages” promising to help ‘fix’ systems affected by the CrowdStrike outage.

Scammers have been reported commanding their targets to download software patches or provide remote access to their systems, promising to assist with restoring systems or preventing a CrowdStrike/Microsoft-initiated outage.

The ACCC also warned consumers to be alert to unsolicited requests from individuals claiming to be from their financial institutions or other businesses requesting that they update or verify their personal or financial information that, the frausters claim, was ‘lost’ in the Friday outage.

“Criminals look to take advantage of incidents like this CrowdStrike outage, creating a sense of urgency that you need to do what they say to protect your computer and your financial information,” said ACCC deputy chair Catriona Lowe.

CrowdStrike cybersecurity software is oriented at large corporate businesses, with personal computing devices (those that are not work-from-home business devices) unlikely to be affected.

The Australian Cyber Security Centre (ACSC) also issued a warning to businesses of the emergence of malicious websites and unofficial code released by hackers that claim to assist with ‘CrowdStrike recovery’. The ACSC has urged all businesses to source their technical information directly from CrowdStrike sources only.

Minister for Home Affairs and Cyber Security Clare O’Neil also commented on the surge in post-outage fraudsters, urging Australians via LinkedIn to be “extremely cautious of any unexpected texts, calls or emails claiming to be assistance with this issue”.

The Friday outage – one of the largest in history and affecting a significant number of major businesses worldwide and in Australia – was caused by a defect in an official CrowdStrike-issued update for its widely adopted Falcon Security Operations Centre (SOC) platform.

The incident reportedly affected around 8.5 million Windows devices – according to Microsoft, less than one per cent of all Windows machines.

Businesses across Australia reported systems outages at around 3pm AEST, with the developer-initiated bug triggering a repeated stop error – popularly known as ‘Blue Screen of Death’, or BSoD – cycle on Windows systems.

CrowdStrike has since issued a patch to remedy the error.

The outage affected a number of major Australian businesses, including banks and payment systems providers, airports, retailers (including major supermarket chains), and government agencies.

While the Australian Banking Association (ABA) noted only “minor disruptions” to banking services and payments systems resulting from the CrowdStrike update, several banks and their customers were reporting periods of sustained outage, particularly for payments services.

CBA issued a statement on Friday evening noting that while its systems were largely unaffected – including its Netbank, CommBank app, CommBiz, merchant payments and ATMs – PayID-initated payments were delayed.

“We are aware of a large-scale technical outage affecting a number of companies. This outage relates to a technical issue with a third-party software platform. We are urgently investigating any impacts to our systems and services,” the bank announced to customers.

CBA added: “We know some customers have been unable to make PayID payments. If you are unable to use PayID, you’re still able to make payments between your accounts or pay someone using their BSB and account number.

CBA confirmed that the PayID issue, which it stated was industry-wide, was promptly rectified on the same day.

Bendigo also issued multiple releases on X (formerly Twitter), noting that it was “continuing to restore our services following a global system issue”.

“e-banking is available as are most other services including OSKO payments. Some payments made during the early stages of the issue will be processed on Monday morning. We apologise for the inconvenience.”

Bendigo Bank said the issue was finally rectified on 22 July.

Among the major Australian and New Zealand financial services businesses reportedly impacted by the outage included CBA/ASB, ANZ, NAB, Macquarie Bank, Medibank, Kiwibank, HBF, BoQ, Bendigo Bank, and Bank Australia. As well, AusPost, the ABC, the NSW Government, NSW Police, Coles and Woolworths reported intermittent downtime.