FBI Warns: Ransomware Victims Threatened By Attacker Phone Calls

Published: April 17, 2022 on our newsletter Security Fraud News & Alerts Newsletter.



The FBI recently released a warning about ransomware victims being threatened by phone calls from their attackers. These attack groups want their ransom demand paid and are willing to escalate their threat tactics to do it. One of the best answers for victims of such an attack is having data backup systems that restore data and entirely avoid paying a ransom. But now, the FBI finds businesses who do so are being threatened by phone calls from attackers who demand their ransom be paid, regardless of data backups. The FBI has known about these incidents since February of 2020, as part of monitoring the escalation of ransomware tactics. They believe these menacing phone calls are yet another example of escalating cyberthreats.


To Pay or Not to Pay


The FBI strongly recommends never paying a ransom as it only encourages further attacks. However, it’s not always a simple decision for the victims to make. Businesses that don’t backup their data are in a crisis since their systems have been locked and the data is inaccessible. That prevents victims from doing business as usual and some may not survive the weeks of downtime associated with these attacks. However, those who do backup their data have an easy resolution as a result. They don’t need to worry about paying a ransom. That is, until recently.

Escalation Going Up


The FBI reports ransomware threat groups like Doppelpaymer, Conti, and Ryuk are behind threatening phone calls to ransomware victims. Authorities suspect a cold-call center may be working for all of the ransomware gangs. They believe templates and prepared scripts are provided to the cold-call center by the hacking groups, as the content of the calls is similar across ransomware variants. The callers threaten victims with harm, including physical harm, if the ransom isn’t paid.



Cybercrime as a Business


As part of escalating ransomware and other cybercrime attacks, it’s clear that hacking groups have adopted cybercrime as a business. And like any other business, they want to maximize their profits. A ransomware group investing in cold-call centers is an investment in their future. According to the FBI, it’s not the first time that attackers have called victims directly. It is however, the first time ransomware victims have been targeted by phone calls threatening further harm. The FBI warns these calls are part of the ongoing, escalating tactics by ransomware groups in pursuit of their goal.


Back it Up


Businesses with a working data backup are still the best answer to a ransomware attack. If a company chooses not to back up data, they are inevitably leaving the data and their future in the hands of the attackers. The goal of these ransomware groups is making money and they’ve shown they’re willing to escalate threat tactics to do so. The experts agree, don’t give attackers the upper hand and instead, embrace data backups and the security they provide. Overall, it’s an investment in the continuing future of any business.


Keep up to date: Sign up for our Fraud alerts and Updates newsletter

Want to schedule a conversation? Please email us at advisor@nadicent.com

6 views0 comments