FBI warns about new extortion scam targeting sensitive data

Ransomware is simply a large menace to each industry. In caller years, hackers person progressively targeted companies with ransomware, locking their information unless a ransom is paid. In immoderate cases, they besides endanger to leak the stolen information online if the institution refuses to comply, arsenic seen successful the UnitedHealth breach, wherever hackers reportedly demanded $22 million. 

However, ransomware attacks are not constricted to companies. 

According to the latest FBI warning, they besides people employees, peculiarly firm executives. 

The bureau cautions that cybercriminals are sending extortion letters, threatening to merchandise victims' delicate accusation unless a ransom is paid.

STAY PROTECTED AND INFORMED! GET SECURITY ALERTS & EXPERT TECH TIPS – SIGN UP FOR KURT’S ‘THE CYBERGUY REPORT’ NOW

Hacker astatine work (Kurt "CyberGuy" Knutsson)

What you request to know

The FBI is informing businesses, peculiarly those successful the healthcare sector, astir a scam involving carnal ransom letters sent via the U.S. Postal Service. These letters, falsely claiming to beryllium from the ransomware radical BianLian, request Bitcoin payments ranging from $150,000 to $500,000 successful speech for not leaking supposedly stolen data.

Marked with "TIME SENSITIVE READ IMMEDIATELY," the letters allege that the attackers gained entree done societal engineering and exfiltrated delicate files. However, nary impervious is provided, and investigations person recovered nary signs of existent ransomware intrusions successful affected organizations. The letters look to beryllium templated, with lone insignificant variations, and see a QR codification linked to a Bitcoin wallet. Some besides diagnostic a compromised password, apt to marque the menace look much credible.

WHAT IS ARTIFICIAL INTELLIGENCE (AI)?

Sent from Boston with U.S. emblem stamps, these letters disagree importantly successful code and wording from known BianLian communications. Authorities judge this is simply a fear-based scam designed to instrumentality organizations into paying a ransom for a breach that ne'er happened.

Man scrolling connected his cellphone (Kurt "CyberGuy" Knutsson)

DATA REMOVAL DOES WHAT VPNS DON’T: HERE’S WHY YOU LIKELY NEED BOTH

Healthcare manufacture needs to enactment connected cybersecurity

Ransomware is hitting healthcare harder than ever. It is present the third-most targeted manufacture aft concern and manufacturing, with attacks rising much than 32% from 2023 to 2024. These attacks bash not conscionable enactment information astatine risk. They besides disrupt hospitals, dilatory down attraction and make chaos for doctors and patients.

The Ascension cyberattack successful May 2024 is simply a wide example. Hackers locked aesculapian unit retired of captious systems, unopen down telephone lines and blocked tools needed for tests, procedures and medications. At first, the breach was reported with an estimated 500 affected individuals, but by December, that fig had jumped to astir 5.6 million.

UnitedHealth’s Change Healthcare portion experienced a monolithic information breach successful February 2024 that further highlighted the vulnerability of the sector. Initially reported to person affected astir 100 cardinal people, the fig aboriginal grew to 190 million, making it the largest aesculapian information breach successful U.S. history. 

This breach affected astir fractional of the country’s population. UnitedHealth attributed the onslaught to ALPHV/BlackCat, a Russian-speaking ransomware radical that aboriginal claimed work for the onslaught earlier being dismantled by instrumentality enforcement.

GET FOX BUSINESS ON THE GO BY CLICKING HERE

Woman utilizing aggregate devices (Kurt "CyberGuy" Knutsson)

HUGE HEALTHCARE DATA BREACH EXPOSES OVER 1 MILLION AMERICANS’ SENSITIVE INFORMATION

7 ways to debar ransomware attacks (and fake ransomware scams)

1. Install beardown antivirus bundle and regularly update software: The archetypal enactment of defence against ransomware is ensuring that your systems are equipped with the latest information tools. Keep each bundle and devices up to day to debar vulnerabilities that hackers tin exploit. Install firewalls, strong antivirus bundle and intrusion detection systems to artifact malicious activities earlier they tin origin harm. Regularly spot operating systems and applications to enactment up of cybercriminals. The champion mode to safeguard yourself from malicious links that instal malware, perchance accessing your backstage information, is to person beardown antivirus bundle installed connected each your devices. This extortion tin besides alert you to phishing emails and ransomware scams, keeping your idiosyncratic accusation and integer assets safe. Get my picks for the champion 2025 antivirus extortion winners for your Windows, Mac, Android and iOS devices.

2. Implement beardown password policies and usage a password manager: Ensure each passwords are unique, astatine slightest 15 characters agelong and see a premix of uppercase and lowercase letters, numbers and symbols. Also, see utilizing a password manager to make and store analyzable passwords securely. This reduces the hazard of password reuse and anemic passwords, which are communal introduction points for ransomware attacks. Get much details astir my best expert-reviewed password managers of 2025 here.

3. Educate and bid employees connected cybersecurity awareness: Many ransomware attacks commencement with phishing emails oregon societal engineering tactics. As seen successful the scam targeting executives, attackers often usage fear-based tactics to manipulate victims into acting quickly. Train your employees, peculiarly high-level executives, to admit suspicious emails, fraudulent requests and phishing attempts.

4. Backup information and support a unafraid betterment plan: Data backups are a captious safeguard against ransomware. Regularly backmost up captious information to secure, offline locations that ransomware cannot access. Testing your betterment plans often ensures that if an onslaught does occur, you tin retrieve rapidly with minimal interaction connected operations. In addition, see utilizing a unreality work with encryption to guarantee that adjacent if an onslaught happens, the backup remains safe.

5. Utilize two-factor authentication (2FA): Two-factor authentication is an indispensable information measurement that adds an other furniture of extortion to delicate systems and data. With 2FA, adjacent if attackers negociate to get login credentials, they won’t beryllium capable to entree captious systems without the 2nd origin of authentication, whether it’s a codification sent to a telephone oregon biometric verification.

6. Verify threats earlier taking action: If you person a ransom request (digital oregon physical), analyse its legitimacy. Scams often deficiency impervious of information breaches oregon web compromise. Consult cybersecurity experts oregon instrumentality enforcement earlier responding.

7. Report suspicious activity: Notify instrumentality enforcement oregon organizations similar the FBI’s Internet Crime Complaint Center if you brushwood scams oregon ransomware threats. Reporting helps authorities way and mitigate these activities.

FBI WARNS OF DANGEROUS NEW ‘SMISHING’ SCAM TARGETING YOUR PHONE 

Kurt's cardinal takeaway

Healthcare is earnestly lagging erstwhile it comes to cybersecurity. It's brainsick that truthful galore wellness institutions don’t person a CISO oregon a dedicated information team. Instead, the IT department, which isn’t ever trained successful cybersecurity, gets stuck trying to grip it all. With truthful overmuch delicate information astatine risk, it’s shocking that truthful galore healthcare organizations inactive dainty cybersecurity arsenic an afterthought.

Cyberattacks are lone going to get worse, and unless the manufacture steps up its game, it’s conscionable a substance of clip earlier much hospitals, clinics and wellness systems get hit. It’s clip to instrumentality information seriously.

CLICK HERE TO GET THE FOX NEWS APP

Do you deliberation these companies are doing capable to support your data, and is the authorities doing capable to drawback those down cyberattacks? Let america cognize by penning america at Cyberguy.com/Contact.

For much of my tech tips and information alerts, subscribe to my escaped CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question oregon fto america cognize what stories you'd similar america to cover.

Follow Kurt connected his societal channels:

• Facebook
• YouTube
• Instagram

Answers to the most-asked CyberGuy questions:

• What is the champion mode to support your Mac, Windows, iPhone and Android devices from getting hacked?
• What is the champion mode to enactment private, unafraid and anonymous portion browsing the web?
• How tin I get escaped of robocalls with apps and information removal services?
• How bash I region my backstage information from the internet?

New from Kurt:

• Try CyberGuy's caller games (crosswords, connection searches, trivia and more!)
• CyberGuy's exclusive coupons and deals

Copyright 2025 CyberGuy.com. All rights reserved.