The FBI periodically releases warnings and bulletins regarding popular scams that impact businesses and consumers. Their March 6 brief highlighted a scam rooted in cyberspace, but attacking victims through the postal service.
Victims in this scheme are generally corporative executives. They receive a letter at their physical address warning them that their business has been the victim of ransomware. The letter includes a QR code with instructions on paying the ransom via BitCoin.
A link to the full FBI release is available here.
In all of the cases examined by cyber security experts, none of the companies were actually the victims of ransomware. Some of the letters did include a password that the executive used at some point, as “proof” that their account/data had been access, or included specific details about software platforms used within their corporation. The letters may indicate that the business was part of an earlier breach or compromise.
Please make sure that your team is aware of this threat, so that if you receive similar communications you can respond calmly. If you or someone at your business/organization receives a letter like this, there are links within the FBI release to report this scam. You should evaluate the letter and evaluate your network/data to check for signs of malicious activity.
Take this opportunity to review your team’s security plans, reinforce awareness, and ensure everyone knows the proper steps to respond to potential threats.
Sources: