customContents

entityId

entityUuid

articlePageQuery

filter

article

articleBaseAdvertisingInfoArticle

articleListArticle

articleSeoArticle

helpersCheckIsPostiesArticle

hooksArticleAcknowledgementGateOverlayArticle

hooksTrackPageViewArticle

hooksContentInterestArticle

articleLinkingDataContent

articleSchemaContent

liveArticle

advertZone

sentiment

contentLock

topics

types

sections

moreOnThisArticles

urlAlias

commentCount

sponsorType

authorLocations

authors

paywallTypes

corrections

displaySlideShow

multimediaEmbed

printHeadline

seriesContainer

socialHeadline

headline

flag

firstTopic

glossary

flattenTypeIds

publishedDate

additionalInfoBoxes

images

image

relatedLinks

relatedNewsletters

__typename

createdDate

sponsor

factSheets

series

summary

updatedDate

knowledgeQuestion

disableOffPlatformContent

published

subHeadline

body

keywords

copyrighted

customTimezone

liveContents

Ng Kang-chung

Cybercriminals are using the global outage triggered by a botched software update from CrowdStrike last week to cheat users with scams spanning from phishing attacks to impersonating customer service staff to steal information, a Hong Kong computer security agency has warned.
The Hong Kong Computer Emergency Response Team Co-ordination Centre said on Monday it was aware of criminals using the outage to launch further cyberattacks.
“[The centre] reminds the public to be aware of hackers using phishing attacks to commit fraud,” it said.
The criminals were sending phishing emails that purported to be from CrowdStrike support services and impersonating company staff in phone calls.
The centre was also aware of scammers posing as independent cybersecurity researchers who claimed to have insights on solutions and that trojan malware disguised as recovery tools was being distributed.
CrowdStrike said on its blog last Saturday it was aware of groups impersonating support staff. These groups sent users files to download with the promise that, once opened, they could fix the crash. But the files instead contained malware.
CrowdStrike provides security software to customers and partners including many cloud platforms used by organisations around the world, including Microsoft Azure, Google Cloud and Amazon’s web services.

The widespread outage last week hit media, retailers, banks and airlines across the world, affecting Windows devices leading to a system crash, according to CrowdStrike.
In Hong Kong, the Airport Authority said on Friday that five airlines were affected. Services slowed to a crawl as airlines resorted to processing travellers manually, leaving hundreds of travellers in long queues and forcing some of them to stay in the city overnight.
Airlines affected included mostly low-cost carriers such as Cathay Pacific Airways’ budget unit HK Express, Scoot of Singapore Airlines and AirAsia.
CrowdStrike CEO George Kurtz has apologised for the IT glitch and said a software bug had created an issue within Microsoft’s operating system.
The centre said on Monday it had not received reports from users about falling victim to the scammers, but it asked the public to stay vigilant and recommended affected users apply remediation methods provided through official channels by CrowdStrike.
“[Users should] not click any links from untrusted sources, such as emails from unknown senders and advertisements from search engines”, the centre said.
It also said users could check the government’s free “Scameter” at Cyberdefender.hk to help identify frauds and online pitfalls.
The Post has contacted police for comments.
Francis Fong Po-kiu, honorary president of the Hong Kong Information Technology Federation, said affected users should generally stay offline until they had installed the fixes and systems had been restored.
Fong said there had been news reports about scammers taking advantage of the global IT crisis to steal data or hack into systems.
“In a disruption on the scale caused by the CrowdStrike crash, all people would feel desperate,” Fong said. “Hackers and cybercriminals would be pleased to see this. So, the easiest thing to do is to go offline and do nothing until the computer system is fixed.”


Hong Kong police arrest 2, seize weapons cache with smoke bombs and air guns in flat raid

Hong Kong police chief inspector, wife charged for allegedly taking HK$1.1 million in bribes

Hong Kong customs arrests 149 in crackdown on phone-order illicit cigarette trade

Hong Kong’s anti-corruption body issues warning after tourist poses as investigator

Crime in Hong Kong

Hongkongers warned that cybercriminals seizing on IT outage to launch phishing attacks

A currency exchange store’s system is out of service during the IT outage last week. Photo: Edmond So

Travellers queue up to check in during the IT outage last week. Photo: Dickson Lee

Hong Kong tech experts urge firms to diversify cloud services after mass IT outage

The city’s airport services slowed to a crawl when airlines were forced to resort to processing passengers manually. Photo: Xiaomei Chen

A computer glitch disrupted Microsoft cloud computing services and affected Windows devices on Thursday. Photo: Getty

AirAsia check-in system at Hong Kong airport down for 1½ hours, day after global IT outage

AirAsia passengers queue at Hong Kong airport following problems with the airline’s check-in system. Photo: Xiaomei Chen

AirAsia staff have been forced to take down customer details with pen and paper. Photo: Xiaomei Chen

Crowds of passengers at Hong Kong airport. Photo: Xiaomei Chen

News

Hong Kong

Law and Crime

Scams span from phishing attacks to impersonating CrowdStrike customer staff to steal information, Hong Kong computer security agency says


Scams span from phishing attacks to impersonating CrowdStrike customer staff to steal information, Hong Kong computer security agency says.


HK Express