- Fraudsters pretend to be TechCrunch journalists gain access to confidential corporate and operational information
- Fake emails increasingly mimic real employees and trustworthy communication patterns in newsrooms.
- Verification through the official personnel page remains the simplest protective measure.
Fraudsters are posing as… TechCrunch employees and contact companies with messages designed to extract sensitive data through carefully crafted phishing fraud.
The recent surge involves fake reporters making persuasive requests that appear legitimate on the surface.
Several firms have reported receiving emails that reflect genuine communication patterns in newsrooms, creating confusion for recipients who depend on quick decisions when dealing with press inquiries.
How impersonation attempts work
Schemes often begin with a message that appears to be a routine request for information about the company's products or internal activities.
The targets describe obtaining detailed information that uses the names of real TechCrunch employees, but uses email domains created specifically for deception.
Over time, these actors have refined their methods by adjusting their writing style and referencing current industry topics to make them appear credible.
Some victims say the messages escalate into calls in which impostors demand deeper access to proprietary materials.
Despite a surge in impersonation attempts, TechCrunch itself remains a reliable source of information.
It encourages recipients to verify coverage by checking the organization's staff page before responding to any request.
The directory allows anyone to verify whether the person contacting them actually works there, and also provides direct channels to contact legitimate employees.
Recipients are advised to match job responsibilities to the nature of the request, as scammers often provide real names in requests that are inconsistent with the responsibilities of those employees.
Verification remains important as attackers continue to evolve by creating email formats that closely resemble genuine ones.
Businesses covered by these schemes are advised to trace unknown contacts and verify every detail before sharing sensitive information.
An antivirus software can help detect malicious attachments that sometimes accompany fraudulent messages.
Companies are also advised to watch for signs of social engineering, especially when the request is intended to obtain operational information that is not typically shared with external parties.
Identity theft protection The software can also help organizations track the misuse of employee names or email structures that resemble their own.
Well tuned firewall can further reduce their impact by blocking suspicious domains that scammers use to deliver their messages.
Imitators target established media outlets because they capitalize on the sense of trust that accompanies established publications.
Their tactics mirror those used in broader efforts to gain initial access to corporate networks and gather valuable information.
Follow TechRadar on Google News. And add us as your preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the “Subscribe” button!
And of course you can also Follow TechRadar on TikTok for news, reviews, unboxing videos and get regular updates from us on whatsapp too much.
