FBI Issues Hacker Warning for Gmail and Microsoft Outlook Users
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have raised an alert for users of Gmail and Microsoft Outlook regarding a rising ransomware threat. These agencies have cautioned that Medusa, a ransomware-as-a-service software active since 2021, has escalated its attacks, affecting hundreds of individuals recently.
- Medusa relies on phishing to steal login credentials, making it a significant risk for both individuals and organizations.
- To defend against this ransomware, CISA recommends updating operating systems, enabling multi-factor authentication (MFA) for email and VPN services, and using strong passwords while avoiding frequent changes.
How Medusa Ransomware Operates
According to a security advisory reported by the Associated Press (AP), Medusa attackers—referred to as “Medusa actors”—use a double extortion tactic.
- First, they encrypt victims’ data, preventing access until a ransom is paid.
- Simultaneously, they threaten to leak stolen information unless victims comply.
- Medusa runs a data-leak website, listing victims along with countdown timers, marking the deadline for potential data exposure.
The advisory further revealed that ransom amounts are publicly posted on the leak site, complete with direct links to cryptocurrency wallets belonging to Medusa affiliates.
- Attackers auction stolen data to potential buyers, putting pressure on victims.
- For an additional $10,000 in cryptocurrency, victims can extend the countdown timer by one day, giving them more time to arrange a ransom payment.
Medusa’s Expanding Target List
CISA reported that Medusa’s reach has grown significantly, with over 300 victims across key industries such as:
- Healthcare, Education, and Legal sectors
- Insurance, Technology, and Manufacturing industries
This widespread targeting suggests that no industry is immune from potential attacks, making cybersecurity vigilance essential.
Rising ‘Smishing’ Attacks: Another FBI Warning
In a separate warning last week, the FBI cautioned about a surge in “smishing” attacks affecting both iPhone and Android users.
- Smishing scams use fake text messages to trick individuals into revealing personal and financial data.
- Cybercriminals have registered over 10,000 fraudulent domains, facilitating a fourfold increase in attacks since January 2025.
This sharp rise in smishing incidents poses a severe risk of identity theft and financial fraud, potentially affecting millions of users worldwide.
