• Explore
  • Blog
  • Podcast
  • About
  • Services
  • Contact
Menu

Exploring Information Security

Securing the Future - A Journey into Cybersecurity Exploration
  • Explore
  • Blog
  • Podcast
  • About
  • Services
  • Contact

Beware of Fake Ransom Note Campaigns Coming Via Snail Mail

March 11, 2025

I put together this blog post together for an internal security awareness program. Feel free to grab and use for your own.

In recent weeks, an alarming scam has been targeting businesses using a tactic we may not expect: physical mail. Criminals looking to take advantage of data breach news are sending fake ransom notes through snail mail according to a new Guidepoint Security report. In this particular scam the criminals are pretending to be from a newer ransomware-group called "BianLian." These letters demand Bitcoin payments, claiming to hold sensitive data hostage and threatening to release it unless paid within a short timeframe, often 10 days.

 

What Makes This Scam Dangerous?

The key element that makes these scams so effective is fear. Corporate executives or individuals may panic at the thought of sensitive company data being released, which can lead to rash decisions like paying the ransom. This type of scam capitalizes on the urgency and distress of the threat, even though there is no actual data breach.

 

FBI's Warning: This is a Scam!

The FBI has issued a Public Service Announcement (PSA), clarifying that there is no verified connection between these ransom letters and the BianLian ransomware group. While the attackers are attempting to intimidate victims, they are, in fact, preying on fear without any real access to stolen data.

 

What You Should Do

As part of our internal security awareness efforts, it’s essential to be aware of this type of scam. Here are a few tips on how to protect yourself and the organization:

 

  • Remain Calm: If you receive a ransom letter (or any unusual communication), do not respond immediately.

  • Report Suspicious Incidents: If you receive a suspicious letter or email, report it to the Service Desk or reach out to the Cybersecurity Team directly.

  • Stay Informed: Criminals are constantly shifting tactics to try and get people to fall for their scams. Blogs like this can help you stay informed about the latest threats.

The Bigger Picture: Ransomware is Evolving

While this particular scam may seem unusual, it’s part of a broader trend where ransomware groups and other cybercriminals evolve their tactics to bypass traditional security systems. This underscores the importance of staying ahead of the curve, maintaining awareness of new attack vectors, and ensuring that all team members are educated about the latest cybersecurity threats.

In News Tags Ransomware, Scam
Share
← March 2025 - ExploreSec Cybersecurity Awareness newsletterHow to Participate in a CTF: A Beginner’s Guide to Capture The Flag Competitions →

Latest PoDCASTS

Featured
Apr 1, 2025
How Do Ransomware Gangs Work?
Apr 1, 2025
Apr 1, 2025
Mar 25, 2025
Offensive Tools for Pentesters with Chris Traynor
Mar 25, 2025
Mar 25, 2025
Mar 18, 2025
Hands-On Hacking with James Gillkey
Mar 18, 2025
Mar 18, 2025
Mar 11, 2025
Breaking Bad Code with Kevin Johnson
Mar 11, 2025
Mar 11, 2025
Mar 4, 2025
ShowMeCon and Security Perspectives with Amanda Berlin
Mar 4, 2025
Mar 4, 2025
Feb 25, 2025
How to Participate in a CTF
Feb 25, 2025
Feb 25, 2025
Feb 18, 2025
Real World Windows Forensics and Incident Response with JC at ShowMeCon 2025
Feb 18, 2025
Feb 18, 2025
Feb 12, 2025
ShowMeCon: A Must-Attend Conference for Cybersecurity Pros
Feb 12, 2025
Feb 12, 2025
Feb 4, 2025
Enhancing Online Privacy with Anonyome Labs
Feb 4, 2025
Feb 4, 2025
Jan 28, 2025
Navigating the Cybersecurity Job Market in 2025
Jan 28, 2025
Jan 28, 2025

Powered by Squarespace
0 items
$0