• Explore
  • Blog
  • Podcast
  • Community
  • About
  • Services
  • Contact
Menu

Exploring Information Security

Securing the Future - A Journey into Cybersecurity Exploration
  • Explore
  • Blog
  • Podcast
  • Community
  • About
  • Services
  • Contact

Beware of Fake Ransom Note Campaigns Coming Via Snail Mail

March 11, 2025

I put together this blog post together for an internal security awareness program. Feel free to grab and use for your own.

In recent weeks, an alarming scam has been targeting businesses using a tactic we may not expect: physical mail. Criminals looking to take advantage of data breach news are sending fake ransom notes through snail mail according to a new Guidepoint Security report. In this particular scam the criminals are pretending to be from a newer ransomware-group called "BianLian." These letters demand Bitcoin payments, claiming to hold sensitive data hostage and threatening to release it unless paid within a short timeframe, often 10 days.

 

What Makes This Scam Dangerous?

The key element that makes these scams so effective is fear. Corporate executives or individuals may panic at the thought of sensitive company data being released, which can lead to rash decisions like paying the ransom. This type of scam capitalizes on the urgency and distress of the threat, even though there is no actual data breach.

 

FBI's Warning: This is a Scam!

The FBI has issued a Public Service Announcement (PSA), clarifying that there is no verified connection between these ransom letters and the BianLian ransomware group. While the attackers are attempting to intimidate victims, they are, in fact, preying on fear without any real access to stolen data.

 

What You Should Do

As part of our internal security awareness efforts, it’s essential to be aware of this type of scam. Here are a few tips on how to protect yourself and the organization:

 

  • Remain Calm: If you receive a ransom letter (or any unusual communication), do not respond immediately.

  • Report Suspicious Incidents: If you receive a suspicious letter or email, report it to the Service Desk or reach out to the Cybersecurity Team directly.

  • Stay Informed: Criminals are constantly shifting tactics to try and get people to fall for their scams. Blogs like this can help you stay informed about the latest threats.

The Bigger Picture: Ransomware is Evolving

While this particular scam may seem unusual, it’s part of a broader trend where ransomware groups and other cybercriminals evolve their tactics to bypass traditional security systems. This underscores the importance of staying ahead of the curve, maintaining awareness of new attack vectors, and ensuring that all team members are educated about the latest cybersecurity threats.

In News Tags Ransomware, Scam
Comment

Latest PoDCASTS

Featured
Dec 2, 2025
Exploring the Next Frontier of IAM: Shared Signals and Data Analytics
Dec 2, 2025
Dec 2, 2025
Nov 25, 2025
How to Close the Cybersecurity Skills Gap with a Student Powered SOC
Nov 25, 2025
Nov 25, 2025
Nov 18, 2025
What is the 2025 State of the API Report From Postman?
Nov 18, 2025
Nov 18, 2025
Nov 11, 2025
How AI Will Transform Society and Affect the Cybersecurity Field
Nov 11, 2025
Nov 11, 2025
Nov 4, 2025
[RERELEASE] How Macs get Malware
Nov 4, 2025
Nov 4, 2025
Oct 28, 2025
[RERELEASE] Why communication in infosec is important - Part 2
Oct 28, 2025
Oct 28, 2025
Oct 21, 2025
[RERELEASE] Why communication in infosec is important
Oct 21, 2025
Oct 21, 2025
Oct 14, 2025
Exploring AI, APIs, and the Social Engineering of LLMs
Oct 14, 2025
Oct 14, 2025
Oct 7, 2025
How to Prepare a Presentation for a Cybersecurity Conference
Oct 7, 2025
Oct 7, 2025
Sep 23, 2025
Exploring the Rogue AI Agent Threat with Sam Chehab
Sep 23, 2025
Sep 23, 2025

Powered by Squarespace