A new scam is targeting top business leaders in the United States, where criminals are sending letters demanding large ransom payments. Unlike typical ransomware attacks that involve hacking into computer systems, this scheme relies on physical mail. The letters claim that hackers have stolen company data and will leak it unless a ransom of $250,000 to $500,000 is paid. However, cybersecurity experts believe this is a fraud, with no actual hacking involved.
How the Scam Works
Investigators from the GuidePoint Research and Intelligence Team (GRIT) discovered that several companies have received these ransom letters through the US Postal Service (USPS). The letters are addressed to high-level executives and claim to be from the BianLian ransomware group, a known cybercriminal organization.
The message states that the company's confidential information has been stolen and will be exposed unless the demanded payment is made within ten days. To make the threat appear real, the letter includes a Bitcoin wallet address and a QR code that links directly to it. Some letters also provide links to BianLian’s dark web site to add legitimacy to the claim.
Despite these details, security analysts have found no proof that any actual data theft has occurred. The scam relies on fear and deception, hoping that executives will panic and send money.
Why Experts Believe the Threat Is Fake
Cybersecurity specialists have carefully examined multiple cases of this scam and found no signs of hacking or data breaches. The companies targeted in this scheme have not reported any unusual activity or unauthorized access to their systems. This strongly suggests that the criminals behind the letters are only pretending to be the BianLian ransomware group.
The FBI has confirmed that these letters are part of a fraud campaign and do not represent a real cyberattack. Many of the envelopes are marked as "Time Sensitive" to create urgency, and some even list a return address in Boston, Massachusetts, which appears to be another false detail.
Since there is no actual ransomware attack, businesses do not need to take technical action like removing malware or restoring stolen files. The main risk comes from executives believing the scam and paying the ransom.
What to Do If You Receive One of These Letters
If your company receives a similar ransom demand, take the following precautions:
1. Check Your Systems for Security Issues – Ensure that company networks are protected and that there are no signs of hacking or data leaks. Keeping cybersecurity measures updated is always important.
2. Do Not Send Any Money – These threats are fake, and paying the ransom will only encourage further scams.
3. Report the Scam – Contact law enforcement and inform the nearest FBI field office about the letter. Complaints can also be filed with the Internet Crime Complaint Center (IC3).
4. Inform Key Personnel – Let executives and employees know about this scam so they can recognize and ignore similar fraud attempts in the future.
This scam is a reminder that cybercriminals do not always rely on advanced hacking techniques. Sometimes, they use old-fashioned methods like physical mail to create fear and manipulate victims into paying. While real ransomware attacks remain a serious concern, this particular scheme is based on false claims.
Companies should stay informed and take precautions to avoid falling victim to these types of fraud. Being aware of such scams is the best way to protect against them.
