Bolster, a leader in multi-channel phishing protection, announced that its free CheckPhish site, one of the most popular phishing and scam detection platforms online, has detected a surge in malicious activities. Over 40 phishing and fraudulent lookalike domains were created within the first 24 hours following the CrowdStrike software incident.
CheckPhish is a real-time URL scanner that uses various machine learning algorithms to determine if a site is malicious. Since its launch in 2018, it has scanned more than 6.5 billion URLs. With CheckPhish, users can scan suspicious URLs and monitor for typosquats and lookalike variants of a domain.
“We have been observing the CISA’s warning unfold in real-time. In the early hours of July 19, scammers began attempting to lure victims into various scams. Within the first 24 hours, more than 40 typosquat domains targeting CrowdStrike users were identified and added to the CheckPhish site,” said Abhilash Garimella, vice president of Research at Bolster. “A typosquat, or lookalike domain, mimics a legitimate domain with slight variations, such as common misspellings or additional characters. These domains are designed to deceive users into thinking they are visiting a trusted site when, in reality, they are being redirected to a fraudulent one.”
Bolster has identified multiple types of phishing scams, ranging from malicious domains offering technical or legal support to CrowdStrike crypto tokens and sites still under construction.