Return to site

Scam Alert - Fake Ransomware Letters Arriving by Snail-Mail

Be Aware, Do Not Panic!

· ScamAlert,Cybersecurity,Ransomware,CyberAttacks,Resilience

A new scam has been making waves in recent weeks, drawing concern from both the FBI and cybersecurity professionals. Instead of using email or digital methods, scammers are now sending physical ransom letters through the mail—targeting executives and organizations with alarming claims.

Source: BleepingComputer

Why These Ransom Letters Are Likely a Scam

Experts believe these letters are not connected to any legitimate ransomware group, and several key signs support that conclusion:

  • Outdated delivery method: Genuine ransomware attacks almost always involve digital communication—not physical mail.
  • Unusually polished language: The messages are written in fluent, complex English, which doesn’t match the known patterns of BianLian’s past activity.
  • Publicly available Tor links: The included links lead to actual BianLian leak sites, but these URLs are well-known and don’t serve as proof of a real breach.
  • No contact for negotiation: Real ransomware notes usually include ways to communicate or negotiate, which are noticeably absent here.
  • No signs of compromise: Organizations that have received these letters have not reported any evidence of cyber intrusion or malicious activity.

What You Should Do If You Receive One

If your organization receives one of these letters, here’s how to respond:

  • Stay calm: These letters are highly likely to be scams and don’t indicate a real security issue.
  • Report it: Forward the letter to your internal security or IT support teams for review and documentation.
  • Do not reply or pay: Engaging with the sender or making a payment could expose you to further risk.

Sample Letter Content

broken image

(Example courtesy of GuidePoint Security)

As always, staying informed is the first step in staying secure. If you encounter one of these suspicious letters, treat it as a hoax, report it through the proper channels, and move forward with confidence. Awareness is your best defense.

References:

Omar has over 25 years of expertise in the technology field, specifically in Cybersecurity and Data Resilence. He currently serves as a Senior Systems Engineer at Veeam, where he is tasked with delivering data resiliency solutions to organizations to ensure the uninterrupted operation and quick recovery of their critical IT workloads and applications.